RIPv1 does not support authentication. If you are sending and receiving RIP v2 packets, you can enable RIP authentication on an interface.

The key chain determines the set of keys that can be used on the interface. Authentication, including default authentication, is performed on that interface only if a key chain is configured.

Cisco supports two modes of authentication on an interface on which RIP is enabled: plain-text authentication and message digest algorithm 5 (MD5) authentication. Plain-text authentication is the default authentication in every RIPv2 packet.

Do not use plain text authentication in RIP packets for security purposes, because the unencrypted authentication key is sent in every RIPv2 packet. Use plain-text authentication when security is not an issue; for example, you can use plain-text authentication to ensure that misconfigured hosts do not participate in routing.

Specifying a RIP Version and Enabling Authentication

Configuration example:

router rip 
version {1 | 2} 
interface type number 
ip rip send version [1] [2] 
ip rip receive version [1] [2] 
ip rip authentication key-chain name-of-chain 
ip rip authentication mode {text | md5} 

Note: Key Chain needs to be configured for this to work.


debug ip rip