Professional Documents
Culture Documents
Routing Authentication and Passive Interfaces
Routing Authentication and Passive Interfaces
Routing Authentication and Passive Interfaces
Network Infrastructure
Protection
For
CCNP SCOR Students
By
Eng. Abeer Hosni
Network Traffic Architecture
- Control Plane (STP, RIP, OSPF, EIGRP, BGP….)
- Data Plane
- Management Plane (Telnet, SSH, SNMP, HTTP, HTTPS….)
Note:
NFP (Network Foundation Protection) is a set of security tools used to
protect different planes.
Control Plane
1- Routing Protocols Authentication:
- RIP Authentication:
R1(config)#key chain TSHOOT
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string CCNPSCOR
R1(config-keychain-key)#accept-lifetime 00:00:00 1 jan 2020 00:00:00 31
jun 2020
R1(config-keychain-key)#send-lifetime 00:00:00 1 jan 2020 00:00:00 31 jun
2020
R1(config-keychain-key)#int f0/0
R1(config-if)#ip rip authentication key-chain TSHOOT
R1(config-if)#ip rip authentication mode md5
- OSPF Authentication:
R1(config)#int f0/0
R1(config-if)#ip ospf authentication-key CCNPSCOR
Or:
R1(config-if)#ip ospf authentication message-digest
R1(config-if)#ip ospf message-digest-key 1 md5 CCNPSCOR
R1(config)#router ospf 1
R1(config-router)#area 0 authentication
R1(config-router)#area 0 authentication message-digest
- EIGRP Authentication:
R1(config)#key chain TSHOOT
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string CCNPSCOR
R1(config-keychain-key)#accept-lifetime 00:00:00 1 jan 2020 infinite
R1(config-keychain-key)#send-lifetime 00:00:00 1 jan 2020 infinite
R1(config-keychain-key)#int f0/0
R1(config-if)#ip authentication key-chain eigrp 1 TSHOOT
R1(config-if)#ip authentication mode eigrp 1 md5
2- Passive Interfaces:
- RIP Passive Interface:
R1(config)#router rip
R1(config-router)#passive-interface f0/0
R1(config-router)#passive-interface default
Best Wishes
Abeer :)