Filter
Top Products
Configuring IP Routing Protocol-Independent Features
Managing Authentication Keys
IPC-377
Cisco IOS IP Configuration Guide
Enabling Local Policy Routing
Packets that are generated by the router are not normally policy routed. To enable local policy routing
for such packets, indicate which route map the router should use by using the following command in
global configuration mode. All packets originating on the router will then be subject to local policy
routing.
Use the show ip local policy EXEC command to display the route map used for local policy routing, if
one exists.
Managing Authentication Keys
Key management is a method of controlling authentication keys used by routing protocols. Not all
protocols can use key management. Authentication keys are available for Director Response Protocol
(DRP) Agent, Enhanced IGRP (EIGRP), and RIP Version 2.
Before you manage authentication keys, authentication must be enabled. See the appropriate protocol
chapter to learn how to enable authentication for that protocol.
To manage authentication keys, define a key chain, identify the keys that belong to the key chain, and
specify how long each key is valid. Each key has its own key identifier (specified with the key chain
configuration command), which is stored locally. The combination of the key identifier and the interface
associated with the message uniquely identifies the authentication algorithm and Message Digest 5
(MD5) authentication key in use.
You can configure multiple keys with lifetimes. Only one authentication packet is sent, regardless of how
many valid keys exist. The software examines the key numbers in order from lowest to highest, and uses
the first valid key it encounters. The lifetimes allow for overlap during key changes. Note that the router
must know the time. Refer to the Network Time Protocol (NTP) and calendar commands in the
“Performing Basic System Management” chapter of the Cisco IOS Configuration Fundamentals
Configuration Guide.
To manage authentication keys, use the following commands beginning in global configuration mode:
Command Purpose
Router(config-if)# ip route-cache policy
Enables fast switching of policy routing.
Command Purpose
Router(config)# ip local policy route-map map-tag
Identifies the route map to use for local policy routing.
Command Purpose
Step 1
Router(config)#key chain name-of-chain
Identifies a key chain.
Step 2
Router(config-keychain)# key number
Identifies the key number in key chain
configuration mode.
Step 3
Router(config-keychain-key)# key-string text
Identifies the key string in key chain
configuration mode.