3.3.1.7 Set 'authentication mode md5'

Information

Configure authentication to prevent unapproved sources from introducing unauthorized or false service messages.

Rationale:

This is part of the EIGRP authentication configuration

Impact:

Organizations should plan and implement enterprise security policies that require rigorous authentication methods for routing protocols. Using the 'authentication mode' for EIGRP address-family or service-family packets enforces these policies by restricting the type of authentication between network devices.

Solution

Configure the EIGRP address family authentication mode.

hostname(config)#router eigrp <virtual-instance-name>
hostname(config-router)#address-family ipv4 autonomous-system {eigrp_as-number}
hostname(config-router-af)#af-interface {interface-name}
hostname(config-router-af-interface)#authentication mode md5

Default Value:

Not defined

See Also

https://workbench.cisecurity.org/files/3829

Item Details

Category: CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CM-6, 800-53|CM-7, 800-53|SC-23, CSCv7|11

Plugin: Cisco

Control ID: 9f3d525f5681f1ce5ad39da29a2f63769601dcabef8b5205d4d4e2832b1397e9