ROUTE10S02L07.ppt
Download
Report
Transcript ROUTE10S02L07.ppt
Lab 2-3 Debrief
Implementing an EIGRP-Based Solution
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-1
Lab Topology
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-2
Lab Review: What Did You Accomplish?
Task 1: Configure EIGRP authentication over LAN interfaces
– What steps did you take to configure EIGRP authentication on
a LAN segment?
– How can you configure keys so they do not expire?
– How can you define the key chain used for router
authentication?
Task 2: Configure EIGRP authentication over WAN interfaces
– What steps did you take to configure EIGRP authentication on
a WAN segment?
– How can you configure keys so they do not expire?
– How can you define the key chain used for router
authentication?
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-3
Verification
• Did you have enough information to create an implementation
plan?
• Did you enable EIGRP authentication on the LAN interfaces?
• Did you use a secure authentication method for authentication
over LAN interfaces?
• Did you establish adjacencies between the routers over the LAN
interface and enter EIGRP routes into the IP routing table?
• Did you enable EIGRP authentication on the WAN interfaces?
• Didi you use a secure authentication method for authentication
over WAN interfaces?
• Did you establish adjacencies between the routers over WAN
interface and enter EIGRP routes into the IP routing table?
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-4
Checkpoints
• Configure the key chain to use for authentication on LAN
interfaces.
• Configure a key to use in the key chain for authentication over the
LAN interfaces.
• Enable secure authentication on LAN segments.
• Use the defined key chain for router authentication.
• Configure another key chain to use for authentication on WAN
interfaces.
• Configure a key to use in the key chain for authentication over the
WAN interfaces.
• Enable secure authentication on WAN segments.
• Use the defined key chain for router authentication.
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-5
Sample Solution
• Use static routes to establish reachability instead of a routing
protocol, which is typically not recommended, as static routes do
not scale.
• Another routing protocol can be used to implement a similar
solution and use the supported authentication type. Changing the
routing protocol is not a realistic solution as changing the routing
protocol is not the case during fine tuning of the existing protocol.
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-6
Alternative Solutions
Use static routes to establish reachability instead of routing
protocol, which is typically not possible, as static routes do not
scale.
Another routing protocol can be used to implement a similar
solution. Changing the routing protocol is not a realistic solution.
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-7
Q and A
Why should you use authentication with routing protocols?
What kind of authentication does EIGRP support?
When do the keys in a key chain expire?
Can you change the key expiration time?
What is the difference between authentication on LAN and WAN
segments?
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-8
Summary
Configure EIGRP authentication on LAN segments, where the key
without expiration is used in the key chain.
Configure EIGRP authentication on WAN segments, where the
key without expiration is used in the key chain.
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-9
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—2-10