EIGRP authentication CCNA lab
In this practice lab, you will have to configure MD5 authentication.
There are three routers; you have to configure the key on all three routers and then configure the key string.
Once you have successfully configured the authentication, you should see the neighbor relationship forming between routers.
Keys are case-sensitive, and you can verify your configuration by clicking on the button.
EIGRP authentication allows network admins to secure the network and prevent any type of attack that involves routers. One of the best features of EIGRP is that it can authenticate the neighbor router before forming the relationship.
If authentication does not work, then EIGRP rejects the routing update from that neighbor and will not form a neighbor relationship.
key 1
key-str cisco123
exit
int fa0/0
ip auth mode ei md5
ip auth key-ch ei EIGRP-AUTH
This can also be an issue if authentication is not properly configured, as any misconfiguration with the authentication will prevent routers from forming relationships, and it will break down the communication between routers, which will eventually bring down the whole production network. It is very important to configure the routers properly.
In case the routers are not forming the relationship and everything looks fine, you can check if the router is showing any type of authentication error.
We have to make sure that neighboring routers are using the same key, as a different key will cause an authentication issue.
The authentication mode should also be the same on both routers.
Autonomous system numbers should be the same on both routers.
Why it is important
Without routing authentication, the production network is vulnerable to network attacks, as there are several ways an attacker can manipulate the routing table to compromise the network.
EIGRP authentication prevents unauthorized modification.
It allows only genuine devices to form the relationship.
Types of authentication
MD5 Authentication
HMAC-SHA Authentication
How authentication works
Both routers share the same key; each converts the key to a hash value and sends it to the neighbor router. The neighbor router calculates the hash at its own end, and if the hash value matches, then both routers share routing updates.
Network admins can also specify the time during which a specific key will be valid and will be accepted.