Securing EIGRP
EIGRP supports route authentication by using MD5 authentication for all routing updates. The MD5
authentication prevents the introduction of unauthorized or false routing messages from unapproved sources.
Note
EIGRP route authentication is configured on a per-interface basis. All neighbors must be configured with
the same authentication mode and key for EIGRP adjacencies to be established.
EIGRP authentication can be enabled on the physical interface as follows:
Step 1. Enter the physical interface configuration mode for which EIGRP authentication needs to be
configured:
firewall(config)# interface phy_if
Step 2. Enable per-interface MD5 authentication as follows:
firewall(config-if)# authentication mode eigrp as-num md5
Step 3. Configure the secure key used by the MD5 algorithm. The key argument can contain up to 16
characters. The key-id argument is a numeric number from 0 to 255:
firewall(config-if)# authentication key eigrp as-num key key-id key-id
Network Address Translation (NAT)
NAT, also referred to as IP address masquerading, performs the translation of an IP address that is used within
one network (internal network) to a different IP address known within another network (outside world).
Pages:
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294