RIP and authentication to unicast neighbor

bellocarico · ‎03-02-2006

Hi guys, I'm running into a problem trying to setup authentication in RIP.

First of all, I've successfully setup RIP between 2 routers using multicast (RIP v2) and key-chain.

Now, when I've changed the config from multicast to unicast, using the neighbor command + passive interface , the communication suddenly drops.

I've also noticed that this seems to be an authentication problem as (continuing in my example) removing the key config and ip rip authentication XXX the interface everything magically works.

Is the neighbor command compatible with key-chain?

R1 (only relevant config)

key chain PEEP

key 1

key-string gigi

interface Serial0.1 point-to-point

ip address 10.0.0.5 255.255.255.0

ip rip authentication mode md5

ip rip authentication key-chain PEEP

no ip split-horizon

frame-relay interface-dlci 501

R2 (only relevant config)

key chain BIP

key 1

key-string gigi

interface Serial0

bandwidth 64

ip address 10.0.0.1 255.255.255.0

ip rip authentication mode md5

ip rip authentication key-chain BIP

encapsulation frame-relay

no arp frame-relay

frame-relay map ip 10.0.0.5 105 broadcast

no frame-relay inverse-arp

Thanks to read!

ebreniz · ‎03-08-2006

Try key management.

Key management is a method of controlling authentication keys used by routing protocols. Not all protocols can use key management. Authentication keys are available for Director Response Protocol (DRP) Agent, Enhanced IGRP (EIGRP), and RIP Version 2.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca765.html#wp1001635

vladrac-ccna · ‎03-08-2006

Hello,

could you give us the output of debug ip rip on both routers? (if possible filtering for this traffic only).

Let us know.

vlad