Cisco Systems 78-11741-02 manual Enabling the DRP Server Agent, Limiting the Source of DRP Queries

Models: 78-11741-02


Configuring IP Services

Managing IP Connections

To configure and maintain the DRP Server Agent, perform the tasks described in the following sections. The task in the first section is required; the tasks in the remaining sections are optional.

Enabling the DRP Server Agent (Required)

Limiting the Source of DRP Queries (Optional)

Configuring Authentication of DRP Queries and Responses (Optional)

To monitor and maintain the DRP Server Agent, see the section “Monitoring and Maintaining the DRP Server Agent” later in this chapter.

For an example of configuring a DRP Server Agent, see the section “DRP Server Agent Example” at the end of this chapter.

Enabling the DRP Server Agent

The DRP Server Agent is disabled by default. To enable it, use the following command in global configuration mode:

| Command | Purpose |
| --- | --- |
| Router(config)# ip drp server | Enables the DRP Server Agent. |

Limiting the Source of DRP Queries

As a security measure, you can limit the source of valid DRP queries. If a standard IP access list is applied to the interface, the Server Agent will respond only to DRP queries originating from an IP address in the list. If no access list is configured, the Server Agent will answer all queries.

If both an access group and a key chain (described in the next section) have been configured, both security mechanisms must allow access before a request is processed.

To limit the source of valid DRP queries, use the following command in global configuration mode:

| Command | Purpose |
| --- | --- |
| Router(config)# ip drp access-group access-list-number | Controls the sources of valid DRP queries by applying a standard IP access list. |

Configuring Authentication of DRP Queries and Responses

Another available security measure is to configure the DRP Server Agent to authenticate DRP queries and responses. You define a key chain, identify the keys that belong to the key chain, and specify how long each key is valid. To do so, use the following commands beginning in global configuration mode:

 

| Step | Command | Purpose |
| --- | --- | --- |
| Step 1 | Router(config)# ip drp authentication key-chain name-of-chain | Identifies which key chain to use to authenticate all DRP requests and responses. |
| Step 2 | Router(config)# key chain name-of-chain | Identifies a key chain (match the name configured in Step 1). |
| Step 3 | Router(config-keychain)# key number | In key-chain configuration mode, identifies the key number. |
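An audit of a saved configuration for the two controls described above, added here as an example that is not part of the Cisco manual. It assumes running-config style text in which key-chain sub-commands are indented; the sample configuration (list 10, address 192.0.2.10, chain DRP-KEYS) is constructed, and the `access-list` line uses standard IOS syntax that this page does not show.

```python
import re
# Constructed sample running-config (not from the manual); values are made up.
SAMPLE_CONFIG = """\
ip drp server
ip drp access-group 10
ip drp authentication key-chain DRP-KEYS
access-list 10 permit 192.0.2.10
key chain DRP-KEYS
 key 1
"""

def _first(pattern, lines):
    """Return group 1 of the first line that fully matches pattern, else None."""
    for ln in lines:
        if m := re.fullmatch(pattern, ln.strip()):
            return m.group(1)
    return None

def keys_in_chain(lines, name):
    """Return key numbers under 'key chain <name>', or None if it is undefined."""
    if f"key chain {name}" not in lines:
        return None
    keys = []
    for ln in lines[lines.index(f"key chain {name}") + 1:]:
        if not ln.startswith(" "):
            break  # indentation ended: left key-chain configuration mode
        keys += [int(n) for n in re.findall(r"^ *key (\d+)$", ln)]
    return keys

def audit_drp(config):
    """Return a list of findings for the DRP Server Agent settings."""
    lines = [ln.rstrip() for ln in config.splitlines()]
    if _first(r"(ip drp server)", lines) is None:
        return []  # agent is disabled by default, nothing to audit
    findings = []
    acl = _first(r"ip drp access-group (\d+)", lines)
    if acl is None:
        findings.append("no access group: agent answers all DRP queries")
    elif _first(rf"(access-list {acl} (?:permit|deny) .+)", lines) is None:
        findings.append(f"access list {acl} is referenced but not defined")
    chain = _first(r"ip drp authentication key-chain (\S+)", lines)
    if chain is None:
        findings.append("no key chain: DRP queries are not authenticated")
    else:
        keys = keys_in_chain(lines, chain)
        if not keys:
            state = "not defined" if keys is None else "empty"
            findings.append(f"key chain {chain} is referenced but {state}")
    return findings
```

Calling `audit_drp()` on the text of a saved configuration returns an empty list when the agent is disabled or when both the access group and the key chain are in place.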

 

 

 

Cisco IOS IP Configuration Guide
