FranciscaLakes291

来自NoteExpress知识库
2015年4月21日 (二) 02:25FranciscaLakes291讨论 | 贡献的版本

(差异) ←上一版本 | 最后版本 (差异) | 下一版本→ (差异)
跳转至: 导航搜索

When you earned your CCNA, you believed you learned anything there is to know about RIP. Identify more about mary morrissey learn about by going to our pushing paper. Close, but not fairly There are some additional specifics you require to know to pass the BSCI exam and get one particular step closer to the CCNP exam, and one particular of those requires RIP update packet authentication. Youre familiar with some benefits of employing RIPv2 over RIPv1, assistance for VLSM chief amongst them. But a single advantage that youre not introduced to in your CCNA scientific studies is the potential to configure routing update packet authentication. You have two possibilities, clear text and MD5. Go Here For More Info contains further concerning how to ponder this enterprise. Clear text is just that - a clear text password that is visible by anybody who can choose a packet off the wire. If youre going to go to the difficulty of configuring update authentication, you ought to use MD5. The MD stands for "Message Digest", and this is the algorithm that produces the hash value for the password that will be contained in the update packets. Not only must the routers agree on the password, they have to agree on the authentication method. If one particular router sends an MD5-hashed password to another router that is configured for clear-text authentication, the update will not be accepted. debug ip rip is a wonderful command for troubleshooting authenticated updates. R1, R2, and R3 are running RIP over a frame relay cloud. Here is how RIP authentication would be configured on these 3 routers. R1#conf t R1config#key chain RIP The key chain can have any name. R1config-keychain#key 1 Key chains can have multiple keys. Number them carefully when using multiples. R1config-keychain-crucial#important-string CISCO This is the text string the key will use for authentication. R1config#int s0 R1config-if#ip rip authentication mode text The interface will use clear-text mode. R1config-if#ip rip authentication important-chain RIP The interface is using key chain RIP, configured earlier. R2#conf t R2config#crucial chain RIP R2config-keychain#key 1 R2config-keychain-essential#important-string CISCO R2config#int s0.123 R2config-subif#ip rip authentication mode text R2config-subif#ip rip authentication key-chain RIP R3#conf t R3config#essential chain RIP R3config-keychain#key 1 R3config-keychain-key#crucial-string CISCO R3config#int s0.31 R3config-subif#ip rip authentication mode text R3config-subif#ip rip authentication essential-chain RIP To use MD5 authentication rather than clear-text, merely replace the word "text" in the ip rip authentication mode command with md5. Heres what a effectively authentication RIPv2 packet looks like, courtesy of debug ip rip. Identify more about PORTAL Paula Baldera May FFAs get me banned from Google? by browsing our majestic encyclopedia. Learn further on the affiliated paper by visiting buy here. Clear-text authentication is in effect and the password is "cisco". 3d04h RIP received packet with text authentication cisco 3d04h RIP received v2 update from 150.1.1.three on Ethernet0 3d04h 100.../8 by way of ... in 1 hops 3d04h 150.1.2./24 by means of ... in 1 hops Heres what it looks like when the remote device is set for MD5 authentication and the local router is set for clear-text. You will also see this message if the password itself is incorrect. 3d04h RIP ignored v2 packet from 150.1.1.three invalid authentication "Debug ip rip" may possibly be a simple command as compared to the debugs for other protocols. but it really is also a very effective debug. Begin using debugs as early as achievable in your Cisco scientific studies to discover how router commands truly work.

取自“https://www.inoteexpress.com/wiki/index.php?title=FranciscaLakes291&oldid=15004