4. Ripv2 between pfsense and cisco

Ripv2 between pfsense and cisco

  • L

    Has someone experience with cisco?

    I have a pfsense 2.0.1 (amd64) directly connected to a cisco 2691 via the LAN interface.
    On the pfsense I've enabled RIPv2 on LAN with password "password".

    The Lan interface is 172.16.0.254
    The cisco is connected with fa0/0.

    the cisco config is the following:
    –---------------------------------------
    R1#sh run
    Building configuration...

    Current configuration : 805 bytes
    !
    version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname R1
    !
    boot-start-marker
    boot-end-marker
    !
    !
    no aaa new-model
    memory-size iomem 5
    ip cef
    !
    !
    no ip domain lookup
    !
    !
    key chain cisco
    key 1
      key-string password
    !
    !
    interface FastEthernet0/0
    ip address 172.16.0.5 255.255.0.0
    ip rip authentication key-chain chain cisco
    duplex auto
    speed auto
    !
    interface FastEthernet0/1
    ip address 172.18.0.1 255.255.0.0
    duplex auto
    speed auto
    !
    !
    router rip
    version 2
    network 172.16.0.0
    network 172.18.0.0
    !
    !
    !
    no ip http server
    no ip http secure-server
    !
    !
    control-plane
    !
    !

    line con 0
    exec-timeout 0 0
    logging synchronous
    line aux 0
    line vty 0 4
    !
    !
    end

    R1#

    debugging speaks about invalid packets but the password is OK

    R1#debug ip rip
    RIP protocol debugging is on
    R1#
    *Mar  1 10:16:54.617: RIP: sending v2 update to 224.0.0.9 via FastEthernet0/1 (172.18.0.1)
    *Mar  1 10:16:54.617: RIP: build update entries
    *Mar  1 10:16:54.617:  172.16.0.0/16 via 0.0.0.0, metric 1, tag 0
    R1#
    *Mar  1 10:17:12.441: RIP: sending v2 update to 224.0.0.9 via FastEthernet0/0 (172.16.0.5)
    *Mar  1 10:17:12.441: RIP: build update entries
    *Mar  1 10:17:12.441:  172.18.0.0/16 via 0.0.0.0, metric 1, tag 0
    R1#
    *Mar  1 10:17:19.641: RIP: received packet with text authentication password  <-------------------OK
    *Mar  1 10:17:19.641: RIP: ignored v2 packet from 172.16.0.254 (invalid authentication)  <----------------!!!!!!!!!

    I receive no routes of WAN and DMZ on the cisco.
    Has someone any idea why there is invalid authentication?

    0
  • L

    Alain has helped me.

    The cause is a misconfiguration in cisco.
    The line "ip rip authentication key-chain chain cisco" must be "ip rip authentication key-chain cisco"

    Louis14

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy