Lab kita kali ini akan membahas authentication dalam membangun EIGRP relation.
Lab 6 - EIGRP - Authentication
Topologi yang digunakan sbb :
Skenarionya adalah R1 dan R2 akan bersama melakukan authentication MD5 untuk membangun EIGRP relation.
Konfigurasi R1:
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ip address 1.1.1.1 255.255.255.255
!
interface Serial0/0
ip address 12.12.12.1 255.255.255.0
!
router eigrp 10
network 1.1.1.1 0.0.0.0
network 12.12.12.1 0.0.0.0
no auto-summary
interface Serial0/0
ip address 12.12.12.1 255.255.255.0
!
router eigrp 10
network 1.1.1.1 0.0.0.0
network 12.12.12.1 0.0.0.0
no auto-summary
Konfigurasi R2 :
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 23.23.23.2 255.255.255.0
!
interface Serial0/0
ip address 12.12.12.2 255.255.255.0
!
router eigrp 10
network 2.2.2.2 0.0.0.0
network 12.12.12.2 0.0.0.0
network 23.23.23.2 0.0.0.0
no auto-summary
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 23.23.23.2 255.255.255.0
!
interface Serial0/0
ip address 12.12.12.2 255.255.255.0
!
router eigrp 10
network 2.2.2.2 0.0.0.0
network 12.12.12.2 0.0.0.0
network 23.23.23.2 0.0.0.0
no auto-summary
Konfigurasi R3 :
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
ip address 23.23.23.3 255.255.255.0
!
router eigrp 10
network 3.3.3.3 0.0.0.0
network 23.23.23.3 0.0.0.0
no auto-summary
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
ip address 23.23.23.3 255.255.255.0
!
router eigrp 10
network 3.3.3.3 0.0.0.0
network 23.23.23.3 0.0.0.0
no auto-summary
Pertama kita buat key chain dengan nama EIGRP dan key-string CISCO di router R1 dan R2 :
R1(config)#key chain EIGRP
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string CISCO
R1(config-keychain-key)#exit
R1(config-keychain)#int s0/0
R1(config-if)#ip authentication mode eigrp 10 md5
R1(config-if)#ip authentication key-chain eigrp 10 EIGRP
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string CISCO
R1(config-keychain-key)#exit
R1(config-keychain)#int s0/0
R1(config-if)#ip authentication mode eigrp 10 md5
R1(config-if)#ip authentication key-chain eigrp 10 EIGRP
R2(config)#key chain EIGRP
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string CISCO
R2(config-keychain-key)#exit
R2(config-keychain)#int s0/0
R2(config-if)#ip authentication mode eigrp 10 md5
R2(config-if)#ip authentication key-chain eigrp 10 EIGRP
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string CISCO
R2(config-keychain-key)#exit
R2(config-keychain)#int s0/0
R2(config-if)#ip authentication mode eigrp 10 md5
R2(config-if)#ip authentication key-chain eigrp 10 EIGRP
Untuk verifikasi authentication, kita gunakan command debug eigrp packet di R1 :
R1(config)#
*Mar 1 00:42:51.067: EIGRP: Sending HELLO on Loopback0
*Mar 1 00:42:51.071: AS 10, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar 1 00:42:51.083: EIGRP: Received HELLO on Loopback0 nbr 1.1.1.1
*Mar 1 00:42:51.083: AS 10, Flags 0x0, Seq 0/0 idbQ 0/0
*Mar 1 00:42:51.083: EIGRP: Packet from ourselves ignored
*Mar 1 00:42:51.159: EIGRP: received packet with MD5 authentication, key id = 1
*Mar 1 00:42:51.163: EIGRP: Received HELLO on Serial0/0 nbr 12.12.12.2
*Mar 1 00:42:51.163: AS 10, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
Kita cek EIGRP relation di R1 :
R1(config)#do sh ip eigrp neighbor
IP-EIGRP neighbors for process 10
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 12.12.12.2 Se0/0 13 00:02:31 40 240 0 30
Yes, EIGRP relation antara R1 dan R2 sudah berjalan dengan baik :)
Tidak ada komentar:
Posting Komentar