2 authentication mode, 3 interface (vrrp) – CANOGA PERKINS 9175 Command Reference User Manual

CanogaOS Command Reference

17-2

17.2 authentication mode

To authenticate Virtual Router Redundancy Protocol (VRRP) packets received from other routers in the

group, use the authentication mode command in router configuration mode. To disable VRRP

authentication, use the no form of this command.

Command Syntax

authentication mode {md5 | text} key-string

no authentication mode

text key-string

Plain text authentication. The text-string argument is the authentication

string and can be up to eight alphanumeric characters. There is no default

value.

md5 key-string

Message digest 5 (MD5) authentication. MD5 authentication is not

supported yet.

Default

VRRP authentication is disabled.

Command Mode

Router configuration

Usage

When a VRRP packet arrives from another router in the VRRP group, its authentication string is

compared to the string configured on the local system. If the strings match, the message is accepted. If

they do not match, the packet is discarded. The authentication string is sent unencrypted in all VRRP

messages when using the authentication mode text key-string option.

All routers within the VRRP group must be configured with the same authentication string. If the same

authentication string is not configured, the routers in the VRRP group will not communicate with each

other and any misconfigured router in the group will change its state to master.

Examples

The following example shows how to configure an authentication text string of x30dn78k:

router vrrp 1

authentication mode text x30dn78k

Related Commands

router vrrp

17.3 interface (VRRP)

To enable the Virtual Router Redundancy Protocol (VRRP) protocol on a specified interface, use the

interface command in router mode. To disable VRRP protocol on this interface, use the no form of this

command.