About HSRP Authentication

Unanswered Question
Feb 16th, 2008

Hi all,

I will configurate two catalyst3750 using HSRP Authentication next week.

(Catalyst3750:IOS 12.2(25)SEE2)


interface GigabitEthernet3/0/X

no switchport

ip address XX.XX.XX.1

standby XX ip XX.XX.XX.254

standby XX priority XX

standby XX authentication abc <----here


interface GigabitEthernet3/0/X

no switchport

ip address XX.XX.XX.2

standby XX ip XX.XX.XX.254

standby XX priority XX

standby XX authentication abc <----here

I have two questions:

Firsty,If I configurate only one catalyst3750#2,the catalyst#2 can't

be authenticated for the other catalyst#1.

Can the catalyst3750#2 chaneg active status?

(of course I will configurate the second catalyst3750#1 10 min later. )

I think non-authentication has nothing to do with it.

I guess HSRP will always use authentication.

(If not specified, maybe,,,the default value is "cisco.")

Secondly,Does HSRP(Catalyst) always use authentication(default password is cisco)?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
royalblues Sat, 02/16/2008 - 00:45

If you configure authentication on the primary router and not on the standby router, the standby status will reflect as unknown on both the routers.

As per my wexperience the standby will not change the status as active

Once you have configured the authentication on both the routers, the standby status will reflect both active/standby router status

By default HSRP does not use any authentication



t.sawamura Sat, 02/16/2008 - 01:25

Thank for your replay, Narayan

But I will configurate new HSRP my situation.

(It is not an addition of HSRP Authentication. )

How do you think my situation?

(I will configurate on init status router. )


royalblues Sat, 02/16/2008 - 03:08


I tested it out and the situation is same even when you configuring HSRP for the first time.

So don worry that both the routers would be active at the same time :-)

HTH, rate if it does


t.sawamura Sat, 02/16/2008 - 04:25


Thank you for your helpfulness.

I would like to ask and confirm you again.Sorry.

I wrote my question again.

If I configurate only one catalyst3750#2,

the catalyst#2 can'tbe authenticated for the other catalyst#1(I don't still configurate

the second catalyst3750#1.).

Then, Can the catalyst3750#2 chaneg active status?

(I don't still configurate HSRP for the second catalyst)

I hope the communication starts only one switch. (Because, cannot configurate

the second catalyst3750#1 soon.)


royalblues Sat, 02/16/2008 - 05:25

There should not be any problem.

whenever you configure, there will always be a state where one router is configured and other is not


t.sawamura Sat, 02/16/2008 - 15:52

Hello Narayan,

Can the catalyst3750#2 change active status?

(I still haven't configurated HSRP for the catalyst3750#1 )


t.sawamura Sun, 02/17/2008 - 01:46


I will configurate new HSRP.

(Not only HSRP Authentication)




This Discussion