EIGRP Authentication

EIGRP Authentication

Configuring EIGRP authentication on routers is very easy and does not take many steps. This step by step configuring EIGRP MD5 authentication guide will help you to understand that how to enable EIGRP authentication on Cisco routers.

EIGRP uses authentication to secure routing updates. A shared authentication key which is same on both routes must be configured. The password is known as the ‘key’.

The source of the incoming routing update is authenticated and verified and if hash value doesn’t match the packet will be dropped.

The steps to configure authentication is as:

  1. Key chain is configured to keep keys together
  2. Configure the key in keychain
  3. Authentication string or password is configured
  4. Optionally a time can be defined for validity of the key chain
  5. Now we need to enable authentication and also have  it assigned to the interface
  6. Put MD5 as the authentication Type

The command would look like below:

Router (config)# key chain <keychain_name>   àSpecify the keychain name

Router (config-keychain)# key <key-id>  àSpecify the keychain id

Router (config-keychain-key)# key-string <text>  àSpecify the password

Specify MD5 authentication for the EIGRP packets

Router (config)#int <interface name>    àInterface on which need authentication

Router (config-if)# ip authentication mode EIGRP <AS no.> md5  à Specify MD5 authentication

Now we need to apply key chain on the interface connecting to the other router.

Router (config)#int <interface name>

Router (config-if)# ip authentication key-chain EIGRP <AS no.> <keychain_name>

To verify the configuration and MD5 authentication

# show ip eigrp neighbors

# debug eigrp packets

# show key chain

Read more