Forgot to mention my IOS version and hardware:
R2: 2801 with 12.4(25a) R4: 2821 with 12.4(25a) Maybe I should try it on the R5/6/7 links. OH! The humanity! Defeated completely by RIP!!! I guess the fact that it works for somebody with the same comfit is encouraging. Maybe I'll try it virtualized. -Mike From: Stan [mailto:[email protected]] Sent: Sunday, July 19, 2009 4:42 PM To: Bryan Bartik Cc: Michael Lipsey; [email protected]; [email protected]; CCIE OSL Subject: Re: [OSL | CCIE_RS] RIP Authentication Bryan, Just did: R1(config-keychain-key)#do sh run | b key key chain RIP key 2 key-string 7 121015120A1B09163E14167A273A1047 accept-lifetime 00:27:00 Mar 1 2002 infinite R1(config-keychain-key)#do sh run in se 1/0 Building configuration... Current configuration : 154 bytes ! interface Serial1/0 ip address 150.100.24.2 255.255.255.0 ip rip authentication key-chain RIP encapsulation frame-relay serial restart-delay 0 end Working fine. Should I run any other variations? Stan On 7/19/09 4:30 PM, "Bryan Bartik" <[email protected]> wrote: Interesting...have you tried adding an accept-lifetime? On Sun, Jul 19, 2009 at 5:12 PM, Stan <[email protected]> wrote: Michael, I did test your configs on my topology and authentication worked fine with you key-string 7 121015120A1B09163E14167A273A1047 on a 3600 Software (C3660-JK9O3S-M), Version 12.4(25). Could you please post RIP routing process config and IOS version? Thanks, Stan On 7/19/09 2:13 PM, "Michael Lipsey" <[email protected]> wrote: > I did check those, I should have included them in my original email. > > Here they are: > > R2#sho clock > *21:11:32.639 UTC Sun Jul 19 2009 > R2#sho key chain > Key-chain R2toR4: > key 1 -- text "ipexpert_R2toR4" > accept lifetime (always valid) - (always valid) [valid now] > send lifetime (00:00:00 UTC Jan 1 2009) - (infinite) [valid now] > > R4#sho clock > *21:58:06.199 UTC Sun Jul 19 2009 > R4# > R4# > R4#sho key chain > Key-chain R2toR4: > key 1 -- text "ipexpert_R2toR4" > accept lifetime (always valid) - (always valid) [valid now] > send lifetime (00:00:00 UTC Jan 1 2009) - (infinite) [valid now] > R4# > > Maybe it is the sync of the clocks being off so much... > > Let me set them and see... > > > -Mike > -----Original Message----- > From: Joe Astorino [mailto:[email protected]] > Sent: Sunday, July 19, 2009 12:50 PM > To: Michael Lipsey; [email protected]; CCIE OSL > Subject: Re: [OSL | CCIE_RS] RIP Authentication > > Check your system clock : ) > > Sh clock > Sh key chain > > I bet it is invalid > > > Regards, > > Joe Astorino - CCIE #24347 R&S > Technical Instructor - IPexpert, Inc. > Cell: +1.586.212.6107 > Fax: +1.810.454.0130 > Mailto: [email protected] > > -----Original Message----- > From: "Michael Lipsey" <[email protected]> > > Date: Sun, 19 Jul 2009 12:44:46 > To: <[email protected]> > Subject: [OSL | CCIE_RS] RIP Authentication > > > This is supposed to be easy but I'm just not getting it, here are my logs > from R2: > > R2# > *Jul 19 19:39:39.448: RIP: received packet with text authentication > ipexpert_R2toR4 > *Jul 19 19:39:39.448: RIP: ignored v2 packet from 150.100.24.4 (invalid > authentication) > R2# > *Jul 19 19:39:54.328: RIP: sending v2 update to 224.0.0.9 via Loopback0 > (200.0.0.2) > *Jul 19 19:39:54.328: RIP: build update entries > *Jul 19 19:39:54.328: 150.100.24.0/24 <http://150.100.24.0/24> via 0.0.0.0, metric 1, tag 0 > *Jul 19 19:39:54.328: RIP: ignored v2 packet from 200.0.0.2 (sourced from > one of our addresses) > R2# > *Jul 19 19:39:57.532: RIP: sending v2 update to 224.0.0.9 via Serial0/1/0.24 > (150.100.24.2) > *Jul 19 19:39:57.532: RIP: build update entries > *Jul 19 19:39:57.532: 200.0.0.2/32 <http://200.0.0.2/32> via 0.0.0.0, metric 1, tag 0 > R2# > *Jul 19 19:40:05.948: RIP: received packet with text authentication > ipexpert_R2toR4 > *Jul 19 19:40:05.948: RIP: ignored v2 packet from 150.100.24.4 (invalid > authentication) > R2# > *Jul 19 19:40:23.156: RIP: sending v2 update to 224.0.0.9 via Serial0/1/0.24 > (150.100.24.2) > *Jul 19 19:40:23.156: RIP: build update entries > *Jul 19 19:40:23.156: 200.0.0.2/32 <http://200.0.0.2/32> via 0.0.0.0, metric 1, tag 0 > *Jul 19 19:40:23.168: RIP: sending v2 update to 224.0.0.9 via Loopback0 > (200.0.0.2) > *Jul 19 19:40:23.168: RIP: build update entries > *Jul 19 19:40:23.168: 150.100.24.0/24 <http://150.100.24.0/24> via 0.0.0.0, metric 1, tag 0 > *Jul 19 19:40:23.168: RIP: ignored v2 packet from 200.0.0.2 (sourced from > one of our addresses) > R2# > *Jul 19 19:40:32.464: RIP: received packet with text authentication > ipexpert_R2toR4 > *Jul 19 19:40:32.464: RIP: ignored v2 packet from 150.100.24.4 (invalid > authentication) > R2# > *Jul 19 19:40:49.096: RIP: sending v2 update to 224.0.0.9 via Serial0/1/0.24 > (150.100.24.2) > *Jul 19 19:40:49.096: RIP: build update entries > *Jul 19 19:40:49.096: 200.0.0.2/32 <http://200.0.0.2/32> via 0.0.0.0, metric 1, tag 0 > *Jul 19 19:40:50.060: RIP: sending v2 update to 224.0.0.9 via Loopback0 > (200.0.0.2) > *Jul 19 19:40:50.060: RIP: build update entries > *Jul 19 19:40:50.060: 150.100.24.0/24 <http://150.100.24.0/24> via 0.0.0.0, metric 1, tag 0 > *Jul 19 19:40:50.060: RIP: ignored v2 packet from 200.0.0.2 (sourced from > one of our addresses > > > I have all of the other interfaces except for the R2 to R4 Serial link shut > down, here are those configurations: > > R2: > > key chain R2toR4 > key 1 > key-string 7 121015120A1B09163E14167A273A1047 > send-lifetime 00:00:00 Jan 1 2009 infinite > ! > ! > interface Serial0/1/0.24 point-to-point > description Frame Relay Cloud 2 > ip address 150.100.24.2 255.255.255.0 > ip rip authentication key-chain R2toR4 > frame-relay interface-dlci 204 > > > R4: > > R4#sho run | b key > key chain R2toR4 > key 1 > key-string 7 121015120A1B09163E14167A273A1047 > send-lifetime 00:00:00 Jan 1 2009 infinite > ! > ! > interface Serial0/0/0 > ip address 150.100.24.4 255.255.255.0 > ip rip authentication key-chain R2toR4 > encapsulation frame-relay > frame-relay lmi-type cisco > > > Freaking computers... > Thanks! > > -Mike > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com <http://www.ipexpert.com> > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com <http://www.ipexpert.com> _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com <http://www.ipexpert.com>
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
