Netgate Discussion Forum

    Ripv2 between pfsense and cisco

    Routing and Multi WAN
      louis14

      Does anyone have experience with Cisco?

      I have a pfSense 2.0.1 (amd64) directly connected to a Cisco 2691 via the LAN interface.
      On the pfSense I've enabled RIPv2 on LAN with password "password".

      The LAN interface is 172.16.0.254.
      The Cisco is connected with fa0/0.

      The Cisco config is the following:
      ----------------------------------------
      R1#sh run
      Building configuration...

      Current configuration : 805 bytes
      !
      version 12.4
      service timestamps debug datetime msec
      service timestamps log datetime msec
      no service password-encryption
      !
      hostname R1
      !
      boot-start-marker
      boot-end-marker
      !
      !
      no aaa new-model
      memory-size iomem 5
      ip cef
      !
      !
      no ip domain lookup
      !
      !
      key chain cisco
      key 1
        key-string password
      !
      !
      interface FastEthernet0/0
      ip address 172.16.0.5 255.255.0.0
      ip rip authentication key-chain chain cisco
      duplex auto
      speed auto
      !
      interface FastEthernet0/1
      ip address 172.18.0.1 255.255.0.0
      duplex auto
      speed auto
      !
      !
      router rip
      version 2
      network 172.16.0.0
      network 172.18.0.0
      !
      !
      !
      no ip http server
      no ip http secure-server
      !
      !
      control-plane
      !
      !

      line con 0
      exec-timeout 0 0
      logging synchronous
      line aux 0
      line vty 0 4
      !
      !
      end

      R1#


      Debugging speaks about invalid packets, but the password is OK:

      R1#debug ip rip
      RIP protocol debugging is on
      R1#
      *Mar  1 10:16:54.617: RIP: sending v2 update to 224.0.0.9 via FastEthernet0/1 (172.18.0.1)
      *Mar  1 10:16:54.617: RIP: build update entries
      *Mar  1 10:16:54.617:  172.16.0.0/16 via 0.0.0.0, metric 1, tag 0
      R1#
      *Mar  1 10:17:12.441: RIP: sending v2 update to 224.0.0.9 via FastEthernet0/0 (172.16.0.5)
      *Mar  1 10:17:12.441: RIP: build update entries
      *Mar  1 10:17:12.441:  172.18.0.0/16 via 0.0.0.0, metric 1, tag 0
      R1#
      *Mar  1 10:17:19.641: RIP: received packet with text authentication password  <-------------------OK
      *Mar  1 10:17:19.641: RIP: ignored v2 packet from 172.16.0.254 (invalid authentication)  <----------------!!!!!!!!!

      I receive no routes for WAN and DMZ on the Cisco.
      Does anyone have any idea why there is invalid authentication?

        louis14

        Alain has helped me.

        The cause is a misconfiguration on the Cisco.
        The line "ip rip authentication key-chain chain cisco" must be "ip rip authentication key-chain cisco".

        Louis14

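A check for the mistake identified in the reply above, as an added example that is not part of the original posts: it reads an IOS-style configuration and reports every `ip rip authentication key-chain` line whose name does not match a defined `key chain`. The function name, the sample text (trimmed from the config in the first post) and the choice to treat everything after `key-chain` as the referenced name are assumptions of this example.

```python
import re

# Constructed sample: the relevant lines of the running config posted above.
SAMPLE_CONFIG = """\
key chain cisco
 key 1
  key-string password
!
interface FastEthernet0/0
 ip address 172.16.0.5 255.255.0.0
 ip rip authentication key-chain chain cisco
!
interface FastEthernet0/1
 ip address 172.18.0.1 255.255.0.0
!
router rip
 version 2
"""

def check_rip_key_chains(config):
    """Return (interface, referenced_name, problem) for each broken RIP key-chain reference."""
    chains = {}   # key chain name -> number of key-strings defined under it
    refs = []     # (interface, name referenced by that interface)
    chain = iface = None
    for raw in config.splitlines():
        line = raw.strip()  # tolerate configs pasted with or without indentation
        if m := re.fullmatch(r"key chain (\S+)", line):
            chain, iface = m.group(1), None
            chains[chain] = 0
        elif m := re.fullmatch(r"interface (\S+)", line):
            iface, chain = m.group(1), None
        elif line.startswith("key-string ") and chain:
            chains[chain] += 1
        elif iface and (m := re.fullmatch(r"ip rip authentication key-chain (.+)", line)):
            refs.append((iface, m.group(1)))  # assumption: the rest of the line is the name
        elif line.startswith("router "):
            chain = iface = None
    findings = []
    for iface, name in refs:
        if name not in chains:
            findings.append((iface, name, "no key chain with this name is defined"))
        elif chains[name] == 0:
            findings.append((iface, name, "key chain has no key-string"))
    return findings

if __name__ == "__main__":
    for iface, name, problem in check_rip_key_chains(SAMPLE_CONFIG):
        print(f"{iface}: key-chain '{name}': {problem}")
```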