[BSCI]配置EIGRP MD5 加密认证

2

R1配置

r1(config)#INT S2/1
r1(config-if)#ip ad 192.168.0.1 255.255.255.0
r1(config-if)#no sh
r1(config-if)#exi

r1(config)#router ei 100
r1(config-router)#net 192.168.0.0
r1(config-router)#end

R2配置

r2(config)#int s2/1
r2(config-if)#ip ad 192.168.0.2 255.255.255.0
r2(config-if)#no sh
r2(config-if)#exi

r2(config)#router ei 100
r2(config-router)#net 192.168.0.0
r2(config-router)#end

 

R1邻居关系

r1#sh ip ei nei
IP-EIGRP neighbors for process 100
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
0   192.168.0.2             Se2/1             12 00:00:07    1  4500  0  1

 

R1配置认证

r1(config)#key chain EIGRP-MIMA
r1(config-keychain)#key 1
r1(config-keychain-key)#key-string www.gearfox.com
r1(config-keychain-key)#end

 

R2配置认证

r2(config)#key chain EIGRP-MIYAO
r2(config-keychain)#key 1
r2(config-keychain-key)#key-string www.gearfox.com
r2(config-keychain-key)#end

查看配置的KEY CHAIN

r2#sh key chain
Key-chain EIGRP-MIYAO:
    key 1 -- text "www.gearfox.com"
        accept lifetime (always valid) - (always valid) [valid now]
        send lifetime (always valid) - (always valid) [valid now]

 

因为没有调用到接口上 提示认证失败的系统消息
r2#
*Jul 16 19:50:09.699: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 192.168.0.1 (Serial2/1) is down: Interface Goodbye received
r2#
*Jul 16 19:50:13.975: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 192.168.0.1 (Serial2/1) is up: new adjacency
r2#
*Jul 16 19:50:25.007: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 192.168.0.1 (Serial2/1) is down: Auth failure

 

R1接口调用此key chain

r1(config)#int s2/1
r1(config-if)#ip authentication key-chain eigrp 100 EIGRP-MIMA
r1(config-if)#ip authentication mode eigrp 100 md5

 

R2调用

r2(config)#int s2/1
r2(config-if)#ip authentication key-chain EIgrp 100 EIGRP-MIYAO
r2(config-if)#ip authentication mode eigrp 100 md5

 

调试eigrp认证包

r1#debug eigrp packets
EIGRP Packets debugging is on
    (UPDATE, REQUEST, QUERY, REPLY, HELLO, IPXSAP, PROBE, ACK, STUB, SIAQUERY, SIAREPLY)
r1#
*Jul 16 19:52:36.883: EIGRP: received packet with MD5 authentication, key id = 1
*Jul 16 19:52:36.883: EIGRP: Received HELLO on Serial2/1 nbr 192.168.0.2
*Jul 16 19:52:36.887:   AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
*Jul 16 19:52:37.247: EIGRP: Sending HELLO on Serial2/1
*Jul 16 19:52:37.247:   AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
r1#
*Jul 16 19:52:41.847: EIGRP: received packet with MD5 authentication, key id = 1
*Jul 16 19:52:41.847: EIGRP: Received HELLO on Serial2/1 nbr 192.168.0.2
*Jul 16 19:52:41.851:   AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
*Jul 16 19:52:42.247: EIGRP: Sending HELLO on Serial2/1
*Jul 16 19:52:42.247:   AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
r1#u
*Jul 16 19:52:46.191: EIGRP: received packet with MD5 authentication, key id = 1
*Jul 16 19:52:46.191: EIGRP: Received HELLO on Serial2/1 nbr 192.168.0.2
*Jul 16 19:52:46.195:   AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
*Jul 16 19:52:46.583: EIGRP: Sending HELLO on Serial2/1
*Jul 16 19:52:46.583:   AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
r1#u all
All possible debugging has been turned off

你可能感兴趣的:(职场,认证,休闲,EIGRP,BSCI)