.jpg "Opportunities, Appliacation, Openings"){kind=small}
.jpg "Hand Job, Blow Job, Job Search, Monster Job"){kind=small}
.jpg "pusat resume, daftar kerja, cari kerja"){kind=small}
.jpg "Project Manager, SOftware Engineer, SAP Consultant"){kind=small}
rip key chains
You are getting the expected results with your configuration. RIP does not negotiate the keys used for authentication so with your configuration one of the spokes will not be accepting the RIP routes from the hub. The hub will be able to receive RIP updates from both spokes since it has both keys configured but the hub will only send with one of the keys.
You can add this configuration below to R2 so that it can receive RIP updates from R1 (hub):
key chain test key 2 key-string cisco2 key 3 key-string cisco
HTH,
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security) bdennis@internetworkexpert.com
Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-224-8987 Direct: 775-745-6404 (Outside the US and Canada)
—–Original Message—– From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Tim Chan Sent: Tuesday, June 20, 2006 9:30 PM To: ccielab@groupstudy.com Subject: rip key chains
I’m trying to setup RIP authentication with 3 routers, R1, R2, and R3. R1 being the hub and R2/R3 are the spokes via f/r. If I setup both spokes with the same key # and password, it all works. But when I make one of the spokes with a different key, it fails. I reverse R2 and R3, and the problem follows the router trying to authenticate with the second key #. I have tried both clear text and MD5 with the same results. What am I doing wrong?
On R1 I have: key chain test key 1 key-string cisco key 2 key-string cisco2
interface Serial0/0.2 multipoint ip address 150.50.100.1 255.255.255.0 ip rip authentication key-chain test frame-relay map ip 150.50.100.2 102 broadcast frame-relay map ip 150.50.100.3 103 broadcast
R2: key chain test key 2 key-string cisco2
interface Serial1/3 ip address 150.50.100.2 255.255.255.0 ip rip authentication key-chain test encapsulation frame-relay frame-relay map ip 150.50.100.1 201 broadcast
R3: key chain test key 1 key-string cisco
interface Serial1/0 ip address 150.50.100.3 255.255.255.0 ip rip authentication key-chain test encapsulation frame-relay frame-relay map ip 150.50.100.1 301 broadcast
Thanks for your help. -tim
——————————— Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great rates starting at 1″/min.
