EIGRP Authentication MD5

Misalnya suatu network sudah konvergen,  lalu kita menginginkan agar sebuah router yang menerima atau mengirim update ke router kita itu diauthentikasi validitasnya. Maka, di EIGRP ada metode authentikasi agar satu router dengan router lainnya itu bisa saling ‘trust’ satu sama lain. Bagaimana suatu router bisa trust dengan router lainnya? verifikasi via authentication methods!

eigrp-pdf.jpegMari kita tengok konfigurasi dan topologi di samping.

R1#show run | beg router

router eigrp 1
network 10.0.0.0
network 192.168.9.0
auto-summary

Berikut untuk Router 2 dan 3

R2#sh run | b router
router eigrp 1
network 10.1.2.2 0.0.0.0
network 10.1.0.0 0.0.31.255
auto-summary
!

R3#sh run | be router
router eigrp 1
network 10.1.0.0 0.0.255.255
auto-summary
!

Untuk membuat authentikasi maka diperlukan key (kunci). Buatlah kunci itu di global konfig masing-masing router R1=R2=R3

!
key chain cisco
key 1
key-string cisco1
!

Setelah dibuat kuncinya, assign di masing-masing interface dimana interface itu yang menerima/mengirim update routing. Misalnya:

R1#sh run int s0/0
Building configuration…

Current configuration : 163 bytes
!interface Serial0/0
ip address 10.1.12.1 255.255.255.252
ip authentication mode eigrp 1 md5
ip authentication key-chain eigrp 1 cisco
clockrate 2000000
end

R2#sh run int s0/1
Building configuration…

Current configuration : 163 bytes
!
interface Serial0/1
ip address 10.1.12.2 255.255.255.252
ip authentication mode eigrp 1 md5
 ip authentication key-chain eigrp 1 cisco
clockrate 2000000
end

R3#sh run int s0/0
Building configuration…

Current configuration : 163 bytes
!
interface Serial0/0
ip address 10.1.13.2 255.255.255.252
 ip authentication mode eigrp 1 md5
 ip authentication key-chain eigrp 1 cisco
clockrate 2000000
end

Lakukan verifikasi ulang EIGRP neighbornya:

R1#sh ip eigrp ne
IP-EIGRP neighbors for process 1
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq Type
(sec)         (ms)       Cnt Num
1   10.1.13.2               Se0/1             13 00:21:32   40   240  0  20
0   10.1.12.2               Se0/0             14 00:26:26   59   354  0  18

R2#sh ip eigrp neig
IP-EIGRP neighbors for process 1
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq Type
(sec)         (ms)       Cnt Num
1   10.1.23.1               Se0/0             12 00:31:43  778  4668  0  19
0   10.1.12.1               Se0/1             13 00:37:06   91   546  0  19

R3#sh ip eigrp ne
IP-EIGRP neighbors for process 1
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq Type
(sec)         (ms)       Cnt Num
1   10.1.23.2               Se0/1             12 00:32:25    4   200  0  17
0   10.1.13.1               Se0/0             14 00:32:46 1089  5000  0  18

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s