Details

Configure authentication to prevent unapproved sources from introducing unauthorized or false routing messages.

Rationale:

This is part of the EIGRP authentication configuration

Impact:

Organizations should plan and implement enterprise security policies that require rigorous authentication methods for routing protocols. Configuring the interface with ‘ip authentication mode’ for EIGRP by number and mode enforces these policies by restricting the exchanges between network devices.

Solution

Configure the interface with the EIGRP authentication mode.

hostname(config)#interface {interface_name}
hostname(config-if)#ip authentication mode eigrp {eigrp_as-number} md5

Default Value:

Not set

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/3160https://workbench.cisecurity.org/files/3160

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Cisco.

References

• 800-53|SC-8(1)
• CSCv6|11
• CSCv7|11

Source

• Tenable.com/audits