资源预览内容
第1页 / 共5页
第2页 / 共5页
第3页 / 共5页
第4页 / 共5页
第5页 / 共5页
亲,该文档总共5页全部预览完了,如果喜欢就下载吧!
资源描述
RIP 认证的验证认证的验证试验拓扑:试验拓扑:试验目的:验证试验目的:验证 RIP 认证,其中包括明文认证的双向认证认证,其中包括明文认证的双向认证和单项认证;密文认证的双向认证和单向认证。和单项认证;密文认证的双向认证和单向认证。试验环境:如上拓扑,试验环境:如上拓扑,r1 和和 r2 均使用均使用 RIPv2 协议。协议。试验步骤:试验步骤:1、 预配置预配置r1#conf t Enter configuration commands, one per line. End with CNTL/Z. r1(config)#host router1 router1(config)#no ip do router1(config)#no ip domain-lo router1(config)#lin con 0 router1(config-line)#no exec-t router1(config-line)#logg sy router1(config-line)#login router1(config-line)#exit router1(config)#int s1/2 router1(config-if)#ip add 12.0.0.1 255.255.255.0 router1(config-if)#no shu router1(config-if)#int lo 0 router1(config-if)#ip add 1.1.1.1 255.255.255.255 router1(config-if)#r2#conf t Enter configuration commands, one per line. End with CNTL/Z. r2(config)#host router2 router2(config)#no ip domain-lo router2(config)#lin con 0 router2(config-line)#no exec-trouter2(config-line)#logg sy router2(config-line)#login router2(config-line)#exit router2(config)#int s2/1 router2(config-if)#ip add 12.0.0.2 255.255.255.0 router2(config-if)#no shut router2(config-if)#int lo 0 router2(config-if)#ip add 2.2.2.2 255.255.255.2552、 配置 RIProuter1#conf t Enter configuration commands, one per line. End with CNTL/Z. router1(config)#router rip router1(config-router)#net 1.1.1.1 router1(config-router)#net 12.0.0.0 router1(config-router)#ver router1(config-router)#version 2router1#conf t Enter configuration commands, one per line. End with CNTL/Z. router1(config)#router rip router1(config-router)#net 1.1.1.1 router1(config-router)#net 12.0.0.0 router1(config-router)#ver router1(config-router)#version 23、 配置认证密码,并设置为明文认证配置认证密码,并设置为明文认证router1(config)#key chain r1 router1(config-keychain)#ke 1 router1(config-keychain-key)#key-string norver router1(config-keychain-key)#ke 2 router1(config-keychain-key)#key-string cisco router1(config-keychain-key)#exit router1(config-keychain)#exit router1(config)#int s1/2 router1(config-if)#ip rip au key-chain r1 router1(config-if)#ip rip au mod text router1(config-if)#router2#conf t Enter configuration commands, one per line. End with CNTL/Z. router2(config)#key chain r1 router2(config-keychain)#key 1router2(config-keychain-key)#key-string cisco router2(config-keychain-key)#ke 2 router2(config-keychain-key)#key-string norvel router2(config-keychain-key)#ke 3 router2(config-keychain-key)#key-string 12345 router2(config-keychain-key)#exit router2(config-keychain)#exit router2(config)#int s2/1 router2(config-if)#ip rip au key-chain r1 router2(config-if)#ip rip au mod text router2(config-if)#4、验证明文单向认证、验证明文单向认证router1#de ip rip RIP protocol debugging is on router1# RIP: received packet with text authentication cisco RIP: received v2 update from 12.0.0.2 on Serial1/2 /明文明文/认证通过认证通过2.0.0.0/8 - 0.0.0.0 in 1 hops router1#router2#de ip rip RIP protocol debugging is on router2# RIP: sending v2 update to 224.0.0.9 via Serial2/1 (12.0.0.2)2.0.0.0/8 - 0.0.0.0, metric 1, tag 0 RIP: sending v2 update to 224.0.0.9 via Loopback0 (2.2.2.2)12.0.0.0/8 - 0.0.0.0, metric 1, tag 0 RIP: ignored v2 packet from 2.2.2.2 (sourced from one of our addresses) router2#c RIP: received packet with text authentication norver RIP: ignored v2 packet from 12.0.0.1 (invalid authentication) /明文认证失败明文认证失败5、 明文双向认证的配置及验证明文双向认证的配置及验证配置:将配置:将 router1 的的 key1 密码更改为密码更改为 ciscorouter1#conf t Enter configuration commands, one per line. End with CNTL/Z. router1(config)#key chain r1 router1(config-keychain)#key 1 router1(config-keychain-key)#ke router1(config-keychain-key)#key-string cisco router1(config-keychain-key)#验证明文双向认证router1#de ip rip RIP protocol debugging is on router1#cle ip route * router1# RIP: sending general request on Serial1/2 to 224.0.0.9 RIP: sending general request on Loopback0 to 224.0.0.9 RIP: ignored v2 packet from 1.1.1.1 (sourced from one of our addresses) router1# RIP: received packet with text authentication cisco RIP: received v2 update from 12.0.0.2 on Serial1/2 /明文认证通过明文认证通过2.0.0.0/8 - 0.0.0.0 in 1 hops RIP: sending v2 update to 224.0.0.9 via Serial1/2 (12.0.0.1)1.0.0.0/8 - 0.0.0.0, metric 1, tag 0 RIP: sending v2 update to 224.0.0.9 via Loopback0 (1.1.1.1)2.0.0.0/8 - 0.0.0.0, metric 2, tag 012.0.0.0/8 - 0.0.0.0, metric 1, tag 0 RIP: ignored v2 packet from 1.1.1.1 (sourced from one of our addresses) RIP: sending v2 update to 224.0.0.9 via Serial1/2 (12.0.0.1)1.0.0.0/8 - 0.0.0.0, metric 1, tag 0 RIP: sending v2 update to 224.0.0.9 via Loopback0 (1.1.1.1)2.0.0.0/8 - 0.0.0.0, metric 2, tag 012.0.0.0/8 - 0.0.0.0, metric 1, tag 0 RIP: ignored v2 packet from 1.1.1.1 (sourced from one of our addresses)router2#de ip rip RIP protocol debugging is on router2# RIP: received packet with text authentication cisco RIP: received v2 request from 12.0.0.1 on Serial2/1 /明文认证通过明文认证通过 router2#6、 验证密文单向和双向认证验证密文单向和双向认证配置密文验证配置密文验证router1(config)#int s1/2 router1(config-if)#ip rip au mod md5 router1(config-if)#router2(config)#int s2/1 router2(config-if)#ip rip au mod md5验证密文单向认证验证密文单向认证router1(config)#ke chain
网站客服QQ:2055934822
金锄头文库版权所有
经营许可证:蜀ICP备13022795号 | 川公网安备 51140202000112号