Configuring IP Routing Protocol-Independent Features

Managing Authentication Keys

Command: Router(config-if)# ip route-cache policy

Purpose: Enables fast switching of policy routing.

Enabling Local Policy Routing

Packets that are generated by the router are not normally policy routed. To enable local policy routing for such packets, indicate which route map the router should use by using the following command in global configuration mode. All packets originating on the router will then be subject to local policy routing.

Command: Router(config)# ip local policy route-map map-tag

Purpose: Identifies the route map to use for local policy routing.

Use the show ip local policy EXEC command to display the route map used for local policy routing, if one exists.

Managing Authentication Keys

Key management is a method of controlling authentication keys used by routing protocols. Not all protocols can use key management. Authentication keys are available for Director Response Protocol (DRP) Agent, Enhanced IGRP (EIGRP), and RIP Version 2.

Before you manage authentication keys, authentication must be enabled. See the appropriate protocol chapter to learn how to enable authentication for that protocol.

To manage authentication keys, define a key chain, identify the keys that belong to the key chain, and specify how long each key is valid. Each key has its own key identifier (specified with the key chain configuration command), which is stored locally. The combination of the key identifier and the interface associated with the message uniquely identifies the authentication algorithm and Message Digest 5 (MD5) authentication key in use.

You can configure multiple keys with lifetimes. Only one authentication packet is sent, regardless of how many valid keys exist. The software examines the key numbers in order from lowest to highest, and uses the first valid key it encounters. The lifetimes allow for overlap during key changes. Note that the router must know the time. Refer to the Network Time Protocol (NTP) and calendar commands in the “Performing Basic System Management” chapter of the Cisco IOS Configuration Fundamentals Configuration Guide.
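The key selection order and lifetime overlap described above, modeled in Python as an added example (not Cisco code and not part of the original guide). It assumes a single validity window per key; the key numbers, dates and function names are constructed for illustration.

```python
from datetime import datetime, timedelta

T0 = datetime(2024, 1, 1)  # constructed reference date
DAY = timedelta(days=1)

# Constructed key chains: key number -> (valid_from, valid_until).
# Assumption: one validity window per key; key strings are omitted.
ROLLOVER = {1: (T0, T0 + 31 * DAY), 2: (T0 + 30 * DAY, T0 + 61 * DAY)}
GAPPED = {1: (T0, T0 + 30 * DAY), 2: (T0 + 31 * DAY, T0 + 61 * DAY)}

def is_valid(chain, number, now):
    """True if the key's lifetime covers `now` (end is exclusive)."""
    start, end = chain[number]
    return start <= now < end

def select_send_key(chain, now):
    """Examine key numbers lowest to highest; use the first valid key."""
    for number in sorted(chain):
        if is_valid(chain, number, now):
            return number
    return None  # no valid key: nothing to authenticate with

def coverage_gaps(chain):
    """Return (gap_start, gap_end) periods in which no key is valid."""
    intervals = sorted(chain.values())
    gaps, covered_until = [], intervals[0][1]
    for start, end in intervals[1:]:
        if start > covered_until:
            gaps.append((covered_until, start))
        covered_until = max(covered_until, end)
    return gaps

def receiver_accepts(chain, number, receiver_clock):
    """A receiver judges validity by its own clock, hence the NTP note."""
    return number in chain and is_valid(chain, number, receiver_clock)

if __name__ == "__main__":
    overlap = T0 + 30 * DAY + timedelta(hours=12)
    print("key during overlap:", select_send_key(ROLLOVER, overlap))
    print("gaps in GAPPED:", coverage_gaps(GAPPED))
    late = T0 + 31 * DAY + timedelta(hours=1)
    print("slow receiver accepts key 2:",
          receiver_accepts(ROLLOVER, 2, late - 2 * DAY))
```

Running `coverage_gaps` over a planned key chain before deployment shows whether a rollover leaves a window with no valid key.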

To manage authentication keys, use the following commands beginning in global configuration mode:

 

Step 1

Command: Router(config)# key chain name-of-chain

Purpose: Identifies a key chain.

Step 2

Command: Router(config-keychain)# key number

Purpose: Identifies the key number in key chain configuration mode.

Step 3

Command: Router(config-keychain-key)# key-string text

Purpose: Identifies the key string in key chain configuration mode.

Cisco IOS IP Configuration Guide
Cisco Systems 78-11741-02 manual Managing Authentication Keys, Enabling Local Policy Routing, IPC-377