Quick Reference Guide

ManualsBrandsDell ManualsComputer equipmentPowerConnect B-TI24x

261

262

263

264

265

266

267

268

269

270

PowerConnect B-Series TI24X Configuration Guide 231

53-1002269-02

Virtual Switch Redundancy Protocol (VSRP)

Configuring authentication

If the interfaces on which you configure the VRID use authentication, the VSRP packets on those

interfaces also must use the same authentication. VSRP supports the following authentication

types:

• No authentication – The interfaces do not use authentication. This is the default.

• Simple – The interfaces use a simple text-string as a password in packets sent on the

interface. If the interfaces use simple password authentication, the VRID configured on the

interfaces must use the same authentication type and the same password.

To configure a simple password, enter a command such as the following at the interface

configuration level.

PowerConnect(config-if-6)# ip vsrp auth-type simple-text-auth ourpword

This command configures the simple text password “ourpword”.

Syntax: [no] ip vsrp auth-type no-auth | simple-text-auth <auth-data>

The auth-type no-auth parameter indicates that the VRID and the interface it is configured on do

not use authentication.

The auth-type simple-text-auth <auth-data> parameter indicates that the VRID and the interface it

is configured on use a simple text password for authentication. The <auth-data> value is the

password. If you use this parameter, make sure all interfaces on all the devices supporting this

VRID are configured for simple password authentication and use the same password.

Configuring security features on a VSRP-aware device

This section shows how to configure security features on a VSRP-aware device. For an overview of

this feature, refer to “VSRP-Aware security features” on page 225.

Specifying an authentication string for VSRP hello packets

The following configuration defines pri-key as the authentication string for accepting incoming

VSRP hello packets. In this example, the VSRP-aware device will accept all incoming packets that

have this authorization string.

PowerConnect(config)# vlan 10

PowerConnect(config-vlan-10)# vsrp-aware vrid 3 simple-text-auth pri-key

Syntax: vsrp-aware vrid <vrid number> simple text auth <string>

Specifying no authentication for VSRP hello packets

The following configuration specifies no authentication as the preferred VSRP-aware security

method. In this case, the VSRP device will not accept incoming packets that have authentication

strings.

PowerConnect(config)# vlan 10

PowerConnect(config-vlan-10)# vsrp-aware vrid 2 no-auth

Syntax: vsrp-aware vrid <vrid number> no-auth

The following configuration specifies no authentication for VSRP hello packets received on ports 1,

2, 3, and 4 in VRID 4. For these ports, the VSRP device will not accept incoming packets that have

authentication strings.

PowerConnect(config)# vlan 10

PowerConnect(config-vlan-10)# vsrp-aware vrid 4 no-auth port-list ethe 1 to 4