Skip to Content
Cisco IOS Cookbook, 2nd Edition
book

Cisco IOS Cookbook, 2nd Edition

by Kevin Dooley, Ian Brown
December 2006
Intermediate to advanced
1188 pages
72h 8m
English
O'Reilly Media, Inc.
Content preview from Cisco IOS Cookbook, 2nd Edition

Increasing HSRP Security

Problem

You want to increase the Security of HSRP between two (or more) routers.

Solution

You can configure HSRP to use password authentication with the following commands:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#interface FastEthernet 0/1
Router1(config-if)#standby 1 ip 172.22.1.1 
Router1(config-if)#standby 1 priority 120
Router1(config-if)#standby 1 authentication OREILLY
Router1(config-if)#exit
Router1(config)#end
Router1#

You must configure the same authentication password on all routers within the same HSRP group or the conflicts will prevent HSRP from working:

Router2#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router2(config)#interface FastEthernet 1/0
Router2(config-if)#standby 1 ip 172.22.1.1 
Router2(config-if)#standby 1 priority 110
Router2(config-if)#standby 1 authentication OREILLY
Router2(config-if)#exit
Router2(config)#end
Router2#

Beginning with IOS Version 12.3(2)T, Cisco introduced support for MD5-encrypted passwords. To configure strong MD5-encrypted passwords, use the following commands:

Router1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#interface FastEthernet0/1                         
Router1(config-if)#standby 1 ip 10.1.1.1                          
Router1(config-if)#standby 1 priority 200                         
Router1(config-if)#standby 1 authentication md5 key-string OREILLY
Router1(config-if)#end
Router1#

You must also configure the same password and encryption ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

IP Routing on Cisco IOS, IOS XE, and IOS XR: An Essential Guide to Understanding and Implementing IP Routing Protocols

IP Routing on Cisco IOS, IOS XE, and IOS XR: An Essential Guide to Understanding and Implementing IP Routing Protocols

Brad Edgeworth, Aaron Foss, Ramiro Garza Rios
Cisco IOS in a Nutshell, 2nd Edition
Cisco Software-Defined Access

Cisco Software-Defined Access

Srilatha Vemula, Jason Gooley, Roddie Hasan
Learning the Cisco Application-Centric Infrastructure (ACI)

Publisher Resources

ISBN: 0596527225Supplemental ContentErrata Page