ROUTE10S02L07.ppt

Download Report

Transcript ROUTE10S02L07.ppt 

Lab 2-3 Debrief
Implementing an EIGRP-Based Solution
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-1
Lab Topology
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-2
Lab Review: What Did You Accomplish?
 Task 1: Configure EIGRP authentication over LAN interfaces
– What steps did you take to configure EIGRP authentication on
a LAN segment?
– How can you configure keys so they do not expire?
– How can you define the key chain used for router
authentication?
 Task 2: Configure EIGRP authentication over WAN interfaces
– What steps did you take to configure EIGRP authentication on
a WAN segment?
– How can you configure keys so they do not expire?
– How can you define the key chain used for router
authentication?
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-3
Verification
• Did you have enough information to create an implementation
plan?
• Did you enable EIGRP authentication on the LAN interfaces?
• Did you use a secure authentication method for authentication
over LAN interfaces?
• Did you establish adjacencies between the routers over the LAN
interface and enter EIGRP routes into the IP routing table?
• Did you enable EIGRP authentication on the WAN interfaces?
• Didi you use a secure authentication method for authentication
over WAN interfaces?
• Did you establish adjacencies between the routers over WAN
interface and enter EIGRP routes into the IP routing table?
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-4
Checkpoints
• Configure the key chain to use for authentication on LAN
interfaces.
• Configure a key to use in the key chain for authentication over the
LAN interfaces.
• Enable secure authentication on LAN segments.
• Use the defined key chain for router authentication.
• Configure another key chain to use for authentication on WAN
interfaces.
• Configure a key to use in the key chain for authentication over the
WAN interfaces.
• Enable secure authentication on WAN segments.
• Use the defined key chain for router authentication.
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-5
Sample Solution
• Use static routes to establish reachability instead of a routing
protocol, which is typically not recommended, as static routes do
not scale.
• Another routing protocol can be used to implement a similar
solution and use the supported authentication type. Changing the
routing protocol is not a realistic solution as changing the routing
protocol is not the case during fine tuning of the existing protocol.
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-6
Alternative Solutions
 Use static routes to establish reachability instead of routing
protocol, which is typically not possible, as static routes do not
scale.
 Another routing protocol can be used to implement a similar
solution. Changing the routing protocol is not a realistic solution.
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-7
Q and A
 Why should you use authentication with routing protocols?
 What kind of authentication does EIGRP support?
 When do the keys in a key chain expire?
 Can you change the key expiration time?
 What is the difference between authentication on LAN and WAN
segments?
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-8
Summary
 Configure EIGRP authentication on LAN segments, where the key
without expiration is used in the key chain.
 Configure EIGRP authentication on WAN segments, where the
key without expiration is used in the key chain.
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-9
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-10