R1配置
r1(config)#INT S2/1
r1(config-if)#ip ad 192.168.0.1 255.255.255.0
r1(config-if)#no sh
r1(config-if)#exi
r1(config)#router ei 100
r1(config-router)#net 192.168.0.0
r1(config-router)#end
R2配置
r2(config)#int s2/1
r2(config-if)#ip ad 192.168.0.2 255.255.255.0
r2(config-if)#no sh
r2(config-if)#exi
r2(config)#router ei 100
r2(config-router)#net 192.168.0.0
r2(config-router)#end
R1邻居关系
r1#sh ip ei nei
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 192.168.0.2 Se2/1 12 00:00:07 1 4500 0 1
R1配置认证
r1(config)#key chain EIGRP-MIMA
r1(config-keychain)#key 1
r1(config-keychain-key)#key-string www.gearfox.com
r1(config-keychain-key)#end
R2配置认证
r2(config)#key chain EIGRP-MIYAO
r2(config-keychain)#key 1
r2(config-keychain-key)#key-string www.gearfox.com
r2(config-keychain-key)#end
查看配置的KEY CHAIN
r2#sh key chain
Key-chain EIGRP-MIYAO:
key 1 -- text "www.gearfox.com"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]
因为没有调用到接口上 提示认证失败的系统消息
r2#
*Jul 16 19:50:09.699: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 192.168.0.1 (Serial2/1) is down: Interface Goodbye received
r2#
*Jul 16 19:50:13.975: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 192.168.0.1 (Serial2/1) is up: new adjacency
r2#
*Jul 16 19:50:25.007: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 192.168.0.1 (Serial2/1) is down: Auth failure
R1接口调用此key chain
r1(config)#int s2/1
r1(config-if)#ip authentication key-chain eigrp 100 EIGRP-MIMA
r1(config-if)#ip authentication mode eigrp 100 md5
R2调用
r2(config)#int s2/1
r2(config-if)#ip authentication key-chain EIgrp 100 EIGRP-MIYAO
r2(config-if)#ip authentication mode eigrp 100 md5
调试eigrp认证包
r1#debug eigrp packets
EIGRP Packets debugging is on
(UPDATE, REQUEST, QUERY, REPLY, HELLO, IPXSAP, PROBE, ACK, STUB, SIAQUERY, SIAREPLY)
r1#
*Jul 16 19:52:36.883: EIGRP: received packet with MD5 authentication, key id = 1
*Jul 16 19:52:36.883: EIGRP: Received HELLO on Serial2/1 nbr 192.168.0.2
*Jul 16 19:52:36.887: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
*Jul 16 19:52:37.247: EIGRP: Sending HELLO on Serial2/1
*Jul 16 19:52:37.247: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
r1#
*Jul 16 19:52:41.847: EIGRP: received packet with MD5 authentication, key id = 1
*Jul 16 19:52:41.847: EIGRP: Received HELLO on Serial2/1 nbr 192.168.0.2
*Jul 16 19:52:41.851: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
*Jul 16 19:52:42.247: EIGRP: Sending HELLO on Serial2/1
*Jul 16 19:52:42.247: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
r1#u
*Jul 16 19:52:46.191: EIGRP: received packet with MD5 authentication, key id = 1
*Jul 16 19:52:46.191: EIGRP: Received HELLO on Serial2/1 nbr 192.168.0.2
*Jul 16 19:52:46.195: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
*Jul 16 19:52:46.583: EIGRP: Sending HELLO on Serial2/1
*Jul 16 19:52:46.583: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
r1#u all
All possible debugging has been turned off