SlideShare a Scribd company logo

Route Authentication

Kishore Kumar
Kishore Kumar
Education
1 of 5
Download to read offline
Route Authentication By Patrick J. Conlan
Serious and potentially catastrophic problems can occur in your network if a routing protocol failure where to happen, but as bad or worse is an attack on you routing protocol. You can prevent your router from receiving fraudulent route updates by configuring neighbor router authentication. Routing Information Protocol version two (RIPv2), Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF) routing protocols all support types of neighbor authentication. Which is also called neighbor router authentication or route authentication. Route authentication can be configured so that only routers with predefined passwords can participate in the routing process. By default, no authentication is used in routing protocols. When route authentication is configured on a router, the router authenticates each routing update packet that it receives. The router does this with the exchange of an authentication key (also called a password) that is known to both the sending and the receiving router. You can configure one of two types of authentication; either a simple password authentication (often called plain-text authentication) or MD5 authentication. Simple password authentication is supported by Integrated System- Integrated System (IS-IS), Open Shortest Path First (OSPF), and Routing Information Protocol version 2 (RIPv2). MD5 authentication is supported by OSPF, RIPv2, Border Gateway Protocol (BGP), and EIGRP. For the CCNA objectives and the topics covered in this book, we are only going to cover RIPv2, EIGRP and OSPF. Simple password authentication is just that simple. A password or key must be configured on each participating neighbor router and the key must be the same. MD5 authentication is cryptographic in its operation. By cryptographic I mean a key or password and a key ID are configured on each router. The router uses an algorithm based on the routing protocol packet, the key, and the key ID to generate a digest or hash. The hash is then appended to the packet. MD5 authentication is stronger than simple authentication because the key is never sent over the wire. This method ensures that no one can listen on the line and learn the key during transmission. For the sample configurations of each of the following routing protocols, the following figure will be the network used. RouterA RouterB S0/0/0 S0/0 Lo0 Lo0 Network 10.0.0.0/24Network 10.1.1.0/24 Network 10.2.2.0/24
The following is the configuration required for simple password authentication on Router A in the sample network. This first portion of the configuration is establishing the key chain, key and key string. The key chain is basically like a container that holds the keys to be used by the authentication process. Just like your key chain that has your house and car keys on it. On that key chain you can have multiple keys, one for the car and one for the house and so on. So in the key chain you have to define your key. The key has an ID, in my configuration I used a key ID on 1. In simple text authentication the key chain number or name and the key ID do not have to be the same on both routers, but when we get to MD5 authentication the key ID must be the same as it is used in the hash. Finally, the last this to define is what the key looks like; this would be like you deciding how many teeth are going to be on your car key. For route authentication that is called the key string. RouterA(config)#key chain ccna RouterA(config-keychain)#key 1 RouterA(config-keychain-key)#key-string ccna RouterB(config)#key chain ccna RouterB(config-keychain)#key 1 RouterB(config-keychain-key)#key-string ccna This has established all the pieces required for authentication to work; now you have to tell the router to use the keys for authentication. For each of the routing protocols that looks like this: RIPv2 RouterA(config)#int s0/0/0 RouterA(config-if)#ip rip authentication key-chain ccna RouterB(config-if)#int s0/0 RouterB(config-if)#ip rip authentication key-chain ccna EIGRP RouterA(config)#int s0/0/0 RouterA(config-if)#ip authentication key-chain eigrp 1 ccna RouterB(config)#int s0/0 RouterB(config-if)#ip authentication key-chain eigrp 1 ccna
OSPF RouterA(config)#int s0/0/0 RouterA(config-if)#ip ospf authentication-key ccna RouterB(config)#int s0/0 RouterB(config-if)#ip ospf authentication-key ccna Now you have completed the configuration for simple password authentication. The nice thing is that most of the work is already done to use MD5 authentication as well. All you have to add at this point is a command to change the mode in each of the routing protocols so that it will use the upgraded process. RIPv2 In RIPv2, you need only add this command to change the mode of authentication. Everything that we have already configured will stay the same. RouterA(config)#int s0/0/0 RouterA(config-if)#ip rip authentication mode md5 RouterB(config-if)#int s0/0 RouterB(config-if)#ip rip authentication mode md5 EIGRP In EIGRP, again everything up to now will stay the same. You just have to add this command to change the mode. RouterA(config)#int s0/0/0 RouterA(config-if)#ip authentication mode eigrp 1 md5 RouterB(config)#int s0/0 RouterB(config-if)#ip authentication mode eigrp 1 md5 OSPF In OSPF, the command to enable authentication for MD5 is not just a mode change command. Rather everything is done in one command. So the previous authentication command will be replaced by the following one for MD5 authentication. RouterA(config)#int s0/0/0
RouterA(config-if)#ip ospf message-digest-key 1 md5 ccna RouterB(config)#int s0/0 RouterB(config-if)#ip ospf message-digest-key 1 md5 ccna

Recommended

Switching Types
Switching TypesSwitching Types
Switching TypesKishore Kumar
 
Frame Relay
Frame RelayFrame Relay
Frame RelayKishore Kumar
 
Dynamic Routing Protocol OSPF
Dynamic Routing Protocol OSPFDynamic Routing Protocol OSPF
Dynamic Routing Protocol OSPFAtakan ATAK
 
LAYER 2 SWITCHING
LAYER 2 SWITCHINGLAYER 2 SWITCHING
LAYER 2 SWITCHINGanilinvns
 
Day 2 IP ROUTING
Day 2 IP ROUTINGDay 2 IP ROUTING
Day 2 IP ROUTINGanilinvns
 
Day 4 LAYER 2 SWITCHING
Day 4 LAYER 2 SWITCHINGDay 4 LAYER 2 SWITCHING
Day 4 LAYER 2 SWITCHINGanilinvns
 
Rip ospf and bgp
Rip ospf and bgpRip ospf and bgp
Rip ospf and bgpAbhishek Kesharwani
 
ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)anilinvns
 

Recommended

Switching Types
Switching TypesSwitching Types
Switching TypesKishore Kumar
 
Frame Relay
Frame RelayFrame Relay
Frame RelayKishore Kumar
 
Dynamic Routing Protocol OSPF
Dynamic Routing Protocol OSPFDynamic Routing Protocol OSPF
Dynamic Routing Protocol OSPFAtakan ATAK
 
LAYER 2 SWITCHING
LAYER 2 SWITCHINGLAYER 2 SWITCHING
LAYER 2 SWITCHINGanilinvns
 
Day 2 IP ROUTING
Day 2 IP ROUTINGDay 2 IP ROUTING
Day 2 IP ROUTINGanilinvns
 
Day 4 LAYER 2 SWITCHING
Day 4 LAYER 2 SWITCHINGDay 4 LAYER 2 SWITCHING
Day 4 LAYER 2 SWITCHINGanilinvns
 
Rip ospf and bgp
Rip ospf and bgpRip ospf and bgp
Rip ospf and bgpAbhishek Kesharwani
 
ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)anilinvns
 
MPLS Layer 3 VPN
MPLS Layer 3 VPN MPLS Layer 3 VPN
MPLS Layer 3 VPN NetProtocol Xpert
 
Routing Information Protocol
Routing Information ProtocolRouting Information Protocol
Routing Information ProtocolKashif Latif
 
CCNA ppt Day 5
CCNA ppt Day 5CCNA ppt Day 5
CCNA ppt Day 5VISHNU N
 
ospf routing protocol
ospf routing protocolospf routing protocol
ospf routing protocolAmeer Agel
 
IP ROUTING
IP ROUTINGIP ROUTING
IP ROUTINGanilinvns
 
network convergence problem and solutions
network convergence problem and solutionsnetwork convergence problem and solutions
network convergence problem and solutionsSiddhi Viradiya
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) KHNOG
 
Routers.ppt
Routers.pptRouters.ppt
Routers.pptkirbadh
 
Open shortest path first (ospf)
Open shortest path first (ospf)Open shortest path first (ospf)
Open shortest path first (ospf)Respa Peter
 
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgCCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgEric Vanderburg
 
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...Vishal Sharma, Ph.D.
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path FirstAtakan ATAK
 
CCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and TrunkingCCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and TrunkingRafat Khandaker
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path FirstKashif Latif
 
Switching
SwitchingSwitching
SwitchingNetwax Lab
 
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)anilinvns
 
Layer 2 & layer 3 switching
Layer 2 & layer 3 switchingLayer 2 & layer 3 switching
Layer 2 & layer 3 switchingMuhd Mu'izuddin
 
RIP (routing information protocol)
RIP (routing information protocol)RIP (routing information protocol)
RIP (routing information protocol)Netwax Lab
 
Ospf
OspfOspf
Ospfamit khunte
 
Ospf
OspfOspf
Ospfankit_saluja
 
1. Introduction
1. Introduction1. Introduction
1. IntroductionOpen Source Group
 
Switching Types
Switching TypesSwitching Types
Switching TypesKishore Kumar
 

More Related Content

What's hot

Routing Information Protocol
Routing Information ProtocolRouting Information Protocol
Routing Information ProtocolKashif Latif
 
CCNA ppt Day 5
CCNA ppt Day 5CCNA ppt Day 5
CCNA ppt Day 5VISHNU N
 
ospf routing protocol
ospf routing protocolospf routing protocol
ospf routing protocolAmeer Agel
 
network convergence problem and solutions
network convergence problem and solutionsnetwork convergence problem and solutions
network convergence problem and solutionsSiddhi Viradiya
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) KHNOG
 
Routers.ppt
Routers.pptRouters.ppt
Routers.pptkirbadh
 
Open shortest path first (ospf)
Open shortest path first (ospf)Open shortest path first (ospf)
Open shortest path first (ospf)Respa Peter
 
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgCCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgEric Vanderburg
 
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...Vishal Sharma, Ph.D.
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path FirstAtakan ATAK
 
CCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and TrunkingCCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and TrunkingRafat Khandaker
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path FirstKashif Latif
 
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)anilinvns
 
Layer 2 & layer 3 switching
Layer 2 & layer 3 switchingLayer 2 & layer 3 switching
Layer 2 & layer 3 switchingMuhd Mu'izuddin
 
RIP (routing information protocol)
RIP (routing information protocol)RIP (routing information protocol)
RIP (routing information protocol)Netwax Lab
 

What's hot (20)

MPLS Layer 3 VPN
MPLS Layer 3 VPN MPLS Layer 3 VPN
MPLS Layer 3 VPN
 
Routing Information Protocol
Routing Information ProtocolRouting Information Protocol
Routing Information Protocol
 
CCNA ppt Day 5
CCNA ppt Day 5CCNA ppt Day 5
CCNA ppt Day 5
 
ospf routing protocol
ospf routing protocolospf routing protocol
ospf routing protocol
 
IP ROUTING
IP ROUTINGIP ROUTING
IP ROUTING
 
network convergence problem and solutions
network convergence problem and solutionsnetwork convergence problem and solutions
network convergence problem and solutions
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD)
 
Routers.ppt
Routers.pptRouters.ppt
Routers.ppt
 
Open shortest path first (ospf)
Open shortest path first (ospf)Open shortest path first (ospf)
Open shortest path first (ospf)
 
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgCCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
 
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
Internet Routing Protocols: Fundamental Concepts of Distance-Vector and Link-...
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path First
 
CCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and TrunkingCCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and Trunking
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path First
 
Switching
SwitchingSwitching
Switching
 
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
Day 3 ENHANCED IGRP (EIGRP) AND OPEN SHORTEST PATH FIRST (OSPF)
 
Layer 2 & layer 3 switching
Layer 2 & layer 3 switchingLayer 2 & layer 3 switching
Layer 2 & layer 3 switching
 
RIP (routing information protocol)
RIP (routing information protocol)RIP (routing information protocol)
RIP (routing information protocol)
 
Ospf
OspfOspf
Ospf
 
Ospf
OspfOspf
Ospf
 

Viewers also liked

Recognizing security threats
Recognizing security threatsRecognizing security threats
Recognizing security threatsKishore Kumar
 
Ccna simulation exam practice guide
Ccna simulation exam practice guideCcna simulation exam practice guide
Ccna simulation exam practice guideKishore Kumar
 
Internal & External of Routers
Internal & External of RoutersInternal & External of Routers
Internal & External of RoutersKishore Kumar
 
Integrated Service Digital Network
Integrated Service Digital NetworkIntegrated Service Digital Network
Integrated Service Digital NetworkKishore Kumar
 
Initial Configuration of Router
Initial Configuration of RouterInitial Configuration of Router
Initial Configuration of RouterKishore Kumar
 
Multi Static Routng & Default Routing
Multi Static Routng & Default RoutingMulti Static Routng & Default Routing
Multi Static Routng & Default RoutingKishore Kumar
 
Computer networking
Computer networkingComputer networking
Computer networkingChinmoy Jena
 

Viewers also liked (20)

1. Introduction
1. Introduction1. Introduction
1. Introduction
 
Switching Types
Switching TypesSwitching Types
Switching Types
 
CCNA presentation.
CCNA presentation.CCNA presentation.
CCNA presentation.
 
Ccnp course details
Ccnp course detailsCcnp course details
Ccnp course details
 
Red Hat Training
Red Hat TrainingRed Hat Training
Red Hat Training
 
RIP Update Timers
RIP Update TimersRIP Update Timers
RIP Update Timers
 
Recognizing security threats
Recognizing security threatsRecognizing security threats
Recognizing security threats
 
Ccna simulation exam practice guide
Ccna simulation exam practice guideCcna simulation exam practice guide
Ccna simulation exam practice guide
 
OSPF 3
OSPF 3OSPF 3
OSPF 3
 
Internal & External of Routers
Internal & External of RoutersInternal & External of Routers
Internal & External of Routers
 
Frame Relay
Frame RelayFrame Relay
Frame Relay
 
Integrated Service Digital Network
Integrated Service Digital NetworkIntegrated Service Digital Network
Integrated Service Digital Network
 
Initial Configuration of Router
Initial Configuration of RouterInitial Configuration of Router
Initial Configuration of Router
 
Multi Static Routng & Default Routing
Multi Static Routng & Default RoutingMulti Static Routng & Default Routing
Multi Static Routng & Default Routing
 
OSPF 2
OSPF 2OSPF 2
OSPF 2
 
Ip addressing
Ip addressingIp addressing
Ip addressing
 
Password Recovery
Password RecoveryPassword Recovery
Password Recovery
 
Dynamic Routing RIP
Dynamic Routing RIPDynamic Routing RIP
Dynamic Routing RIP
 
Static Routing
Static RoutingStatic Routing
Static Routing
 
Computer networking
Computer networkingComputer networking
Computer networking
 

Similar to Route Authentication

Cisco Router As A Vpn Server
Cisco Router As A Vpn ServerCisco Router As A Vpn Server
Cisco Router As A Vpn Servermmoizuddin
 
Practice exam #2
Practice exam #2Practice exam #2
Practice exam #2Kris Mofu
 
Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0Saurav Pandey
 
Student packet tracer manual v1.1
Student packet tracer manual v1.1Student packet tracer manual v1.1
Student packet tracer manual v1.1milkux
 
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...Salem Trabelsi
 
Cisco Internetworking Operating System (ios)
Cisco Internetworking Operating System (ios)Cisco Internetworking Operating System (ios)
Cisco Internetworking Operating System (ios)Netwax Lab
 
Chapter14ccna
Chapter14ccnaChapter14ccna
Chapter14ccnarobertoxe
 
Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations Kelson Silva
 
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docxAll contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docxgalerussel59292
 
Ccnav5.org ccna 3-v50_practice_final_exam_2014
Ccnav5.org ccna 3-v50_practice_final_exam_2014Ccnav5.org ccna 3-v50_practice_final_exam_2014
Ccnav5.org ccna 3-v50_practice_final_exam_2014Đồng Quốc Vương
 
All About Routers: Types Of Routers, Routing Table And IP Routing : Notes
All About Routers: Types Of Routers, Routing Table And IP Routing : NotesAll About Routers: Types Of Routers, Routing Table And IP Routing : Notes
All About Routers: Types Of Routers, Routing Table And IP Routing : NotesSubhajit Sahu
 

Similar to Route Authentication (20)

Cisco Router As A Vpn Server
Cisco Router As A Vpn ServerCisco Router As A Vpn Server
Cisco Router As A Vpn Server
 
Practice exam #2
Practice exam #2Practice exam #2
Practice exam #2
 
Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0
 
Student packet tracer manual v1.1
Student packet tracer manual v1.1Student packet tracer manual v1.1
Student packet tracer manual v1.1
 
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
 
Cisco Internetworking Operating System (ios)
Cisco Internetworking Operating System (ios)Cisco Internetworking Operating System (ios)
Cisco Internetworking Operating System (ios)
 
Chapter14ccna
Chapter14ccnaChapter14ccna
Chapter14ccna
 
Chapter14ccna
Chapter14ccnaChapter14ccna
Chapter14ccna
 
Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations
 
Ducat
DucatDucat
Ducat
 
acit mumbai - ospf rouitng
acit mumbai - ospf rouitng acit mumbai - ospf rouitng
acit mumbai - ospf rouitng
 
AAA Implementation
AAA ImplementationAAA Implementation
AAA Implementation
 
Ppt of routing protocols
Ppt of routing protocolsPpt of routing protocols
Ppt of routing protocols
 
Lan Network with Redundancy
Lan Network with RedundancyLan Network with Redundancy
Lan Network with Redundancy
 
Lan Network with Redundancy.ppt
Lan Network with Redundancy.pptLan Network with Redundancy.ppt
Lan Network with Redundancy.ppt
 
06 tk 1073 network layer
06 tk 1073 network layer06 tk 1073 network layer
06 tk 1073 network layer
 
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docxAll contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
 
Ccnav5.org ccna 3-v50_practice_final_exam_2014
Ccnav5.org ccna 3-v50_practice_final_exam_2014Ccnav5.org ccna 3-v50_practice_final_exam_2014
Ccnav5.org ccna 3-v50_practice_final_exam_2014
 
All About Routers: Types Of Routers, Routing Table And IP Routing : Notes
All About Routers: Types Of Routers, Routing Table And IP Routing : NotesAll About Routers: Types Of Routers, Routing Table And IP Routing : Notes
All About Routers: Types Of Routers, Routing Table And IP Routing : Notes
 
Sc manual
Sc manualSc manual
Sc manual
 

More from Kishore Kumar

Internal & External of Routers
Internal & External of RoutersInternal & External of Routers
Internal & External of RoutersKishore Kumar
 
Integrated Service Digital Network
Integrated Service Digital NetworkIntegrated Service Digital Network
Integrated Service Digital NetworkKishore Kumar
 
Initial Configuration of Router
Initial Configuration of RouterInitial Configuration of Router
Initial Configuration of RouterKishore Kumar
 
Wan Interface Configuration
Wan Interface ConfigurationWan Interface Configuration
Wan Interface ConfigurationKishore Kumar
 

More from Kishore Kumar (13)

OSI Layers
OSI LayersOSI Layers
OSI Layers
 
Password Recovery
Password RecoveryPassword Recovery
Password Recovery
 
OSPF 3
OSPF 3OSPF 3
OSPF 3
 
OSPF 2
OSPF 2OSPF 2
OSPF 2
 
IP Addressing
IP AddressingIP Addressing
IP Addressing
 
Internal & External of Routers
Internal & External of RoutersInternal & External of Routers
Internal & External of Routers
 
Integrated Service Digital Network
Integrated Service Digital NetworkIntegrated Service Digital Network
Integrated Service Digital Network
 
Initial Configuration of Router
Initial Configuration of RouterInitial Configuration of Router
Initial Configuration of Router
 
Dynamic Routing RIP
Dynamic Routing RIPDynamic Routing RIP
Dynamic Routing RIP
 
Rip Update Timers
Rip Update TimersRip Update Timers
Rip Update Timers
 
Wan Interface Configuration
Wan Interface ConfigurationWan Interface Configuration
Wan Interface Configuration
 
Switching 2
Switching 2Switching 2
Switching 2
 
Subnetting
SubnettingSubnetting
Subnetting
 

Recently uploaded

Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentInMediaRes1
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.arsicmarija21
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementmkooblal
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxJiesonDelaCerna
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxDr.Ibrahim Hassaan
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 

Recently uploaded (20)

Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media Component
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of management
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptx
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 

Route Authentication

  • 2. Serious and potentially catastrophic problems can occur in your network if a routing protocol failure where to happen, but as bad or worse is an attack on you routing protocol. You can prevent your router from receiving fraudulent route updates by configuring neighbor router authentication. Routing Information Protocol version two (RIPv2), Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF) routing protocols all support types of neighbor authentication. Which is also called neighbor router authentication or route authentication. Route authentication can be configured so that only routers with predefined passwords can participate in the routing process. By default, no authentication is used in routing protocols. When route authentication is configured on a router, the router authenticates each routing update packet that it receives. The router does this with the exchange of an authentication key (also called a password) that is known to both the sending and the receiving router. You can configure one of two types of authentication; either a simple password authentication (often called plain-text authentication) or MD5 authentication. Simple password authentication is supported by Integrated System- Integrated System (IS-IS), Open Shortest Path First (OSPF), and Routing Information Protocol version 2 (RIPv2). MD5 authentication is supported by OSPF, RIPv2, Border Gateway Protocol (BGP), and EIGRP. For the CCNA objectives and the topics covered in this book, we are only going to cover RIPv2, EIGRP and OSPF. Simple password authentication is just that simple. A password or key must be configured on each participating neighbor router and the key must be the same. MD5 authentication is cryptographic in its operation. By cryptographic I mean a key or password and a key ID are configured on each router. The router uses an algorithm based on the routing protocol packet, the key, and the key ID to generate a digest or hash. The hash is then appended to the packet. MD5 authentication is stronger than simple authentication because the key is never sent over the wire. This method ensures that no one can listen on the line and learn the key during transmission. For the sample configurations of each of the following routing protocols, the following figure will be the network used. RouterA RouterB S0/0/0 S0/0 Lo0 Lo0 Network 10.0.0.0/24Network 10.1.1.0/24 Network 10.2.2.0/24
  • 3. The following is the configuration required for simple password authentication on Router A in the sample network. This first portion of the configuration is establishing the key chain, key and key string. The key chain is basically like a container that holds the keys to be used by the authentication process. Just like your key chain that has your house and car keys on it. On that key chain you can have multiple keys, one for the car and one for the house and so on. So in the key chain you have to define your key. The key has an ID, in my configuration I used a key ID on 1. In simple text authentication the key chain number or name and the key ID do not have to be the same on both routers, but when we get to MD5 authentication the key ID must be the same as it is used in the hash. Finally, the last this to define is what the key looks like; this would be like you deciding how many teeth are going to be on your car key. For route authentication that is called the key string. RouterA(config)#key chain ccna RouterA(config-keychain)#key 1 RouterA(config-keychain-key)#key-string ccna RouterB(config)#key chain ccna RouterB(config-keychain)#key 1 RouterB(config-keychain-key)#key-string ccna This has established all the pieces required for authentication to work; now you have to tell the router to use the keys for authentication. For each of the routing protocols that looks like this: RIPv2 RouterA(config)#int s0/0/0 RouterA(config-if)#ip rip authentication key-chain ccna RouterB(config-if)#int s0/0 RouterB(config-if)#ip rip authentication key-chain ccna EIGRP RouterA(config)#int s0/0/0 RouterA(config-if)#ip authentication key-chain eigrp 1 ccna RouterB(config)#int s0/0 RouterB(config-if)#ip authentication key-chain eigrp 1 ccna
  • 4. OSPF RouterA(config)#int s0/0/0 RouterA(config-if)#ip ospf authentication-key ccna RouterB(config)#int s0/0 RouterB(config-if)#ip ospf authentication-key ccna Now you have completed the configuration for simple password authentication. The nice thing is that most of the work is already done to use MD5 authentication as well. All you have to add at this point is a command to change the mode in each of the routing protocols so that it will use the upgraded process. RIPv2 In RIPv2, you need only add this command to change the mode of authentication. Everything that we have already configured will stay the same. RouterA(config)#int s0/0/0 RouterA(config-if)#ip rip authentication mode md5 RouterB(config-if)#int s0/0 RouterB(config-if)#ip rip authentication mode md5 EIGRP In EIGRP, again everything up to now will stay the same. You just have to add this command to change the mode. RouterA(config)#int s0/0/0 RouterA(config-if)#ip authentication mode eigrp 1 md5 RouterB(config)#int s0/0 RouterB(config-if)#ip authentication mode eigrp 1 md5 OSPF In OSPF, the command to enable authentication for MD5 is not just a mode change command. Rather everything is done in one command. So the previous authentication command will be replaced by the following one for MD5 authentication. RouterA(config)#int s0/0/0
  • 5. RouterA(config-if)#ip ospf message-digest-key 1 md5 ccna RouterB(config)#int s0/0 RouterB(config-if)#ip ospf message-digest-key 1 md5 ccna