EIGRP Authentication
EIGRP Authentication
Configuring EIGRP authentication on routers is very easy and does not take many steps. This step by step configuring EIGRP MD5 authentication guide will help you to understand that how to enable EIGRP authentication on Cisco routers.
EIGRP uses authentication to secure routing updates. A shared authentication key which is same on both routes must be configured. The password is known as the ‘key’.
The source of the incoming routing update is authenticated and verified and if hash value doesn’t match the packet will be dropped.
The steps to configure authentication is as:
- Key chain is configured to keep keys together
- Configure the key in keychain
- Authentication string or password is configured
- Optionally a time can be defined for validity of the key chain
- Now we need to enable authentication and also have it assigned to the interface
- Put MD5 as the authentication Type
The command would look like below:
Router (config)# key chain <keychain_name> àSpecify the keychain name
Router (config-keychain)# key <key-id> àSpecify the keychain id
Router (config-keychain-key)# key-string <text> àSpecify the password
Specify MD5 authentication for the EIGRP packets
Router (config)#int <interface name> àInterface on which need authentication
Router (config-if)# ip authentication mode EIGRP <AS no.> md5 à Specify MD5 authentication
Now we need to apply key chain on the interface connecting to the other router.
Router (config)#int <interface name>
Router (config-if)# ip authentication key-chain EIGRP <AS no.> <keychain_name>
To verify the configuration and MD5 authentication
# show ip eigrp neighbors
# debug eigrp packets
# show key chain
Read more