Enabling authentication 4, Figure 281. enabling authentication example 4, Enabling authentication – Allied Telesis AT-FS970M Series User Manual

Chapter 104: Routing Information Protocol (RIP)

1834

Enabling Authentication

Security is one of the primary requirements for corporate networks. RIP
Version 2 supports authentication to ensure that the routing information
entering into the routing table is valid and to prevent from unauthorized
access to the network.

The AlliedWare Plus™ Management Software supports two authentication
modes: plain-text and Message Digest 5 (MD5). The plain-text
authentication mode is the default setting in RIP Version 2 packets when
authentication is enabled. Because the plain-text authentication uses the
unencrypted password in routing updates, use the MD5 authentication
mode when security is an issue.

Assume that you have the networks shown in Figure 281. The routing
interfaces in VLAN 50 are RIP enabled in both receiving and sending RIP
Version 2, and VLANs 10 and 20 are associated with RIP using the
NETWORK command.

Figure 281. Enabling Authentication Example

To authenticate routing updates, set the same password on corresponding
routing interfaces. When sending a routing update, RIP adds the
password in the packet. When receiving a routing update, the switch
compares its own password with the password in the received packet. The
switch authenticates the packet only when the two passwords match. You
must configure the same password on the routing interfaces on Switches
S1 and S2 respectively.

To specify the authentication mode, use the IP RIP ANUTHENTICATION
MODE command. You must configure the same mode on the interface on
Switches S1 and S2.

To specify the authentication key, use the IP RIP AUTHENTICATION
STRING command. You must configure the same mode on the interface
on Switches S1 and S2.