Details

Specify the type of authentication used in Enhanced Interior Gateway Routing Protocol (EIGRP) packets per interface.

Rationale:

Configuring EIGRP authentication key-chain number and name to restrict packet exchanges between network devices.

Impact:

Organizations should plan and implement enterprise security policies that require rigorous authentication methods for routing protocols. Configuring the interface with ‘ip authentication key chain’ for EIGRP by name and number enforces these policies by restricting the exchanges between network devices.

Solution

Configure the interface with the EIGRP key chain.

hostname(config)#interface {interface_name}
hostname(config-if)#ip authentication key-chain eigrp {eigrp_as-number} {eigrp_key-chain_name}

Default Value:

Not set

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/3156https://workbench.cisecurity.org/files/3156

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Cisco.

References

• 800-53|SC-8(1)
• CSCv6|11
• CSCv7|11

Source

• Tenable.com/audits