11-19-2004 07:21 AM - edited 03-02-2019 08:04 PM
I am repeatedly getting a bad authentication message on a router "bad authentication from 199.1.21.3 remote state init". What could be the cause? Cure?
Here is the port config for the two routers. The message is logged on the first router whose config is listed.
=====================
this is a 7200
interface FastEthernet1/0
description back door ethernet backbone
ip address 199.1.26.6 255.255.255.0 secondary
ip address 199.1.21.6 255.255.255.0
no ip redirects
no keepalive
full-duplex
no mop enabled
standby 2 priority 105
standby 2 preempt
standby 2 ip 199.1.21.1
standby 2 track Hssi2/0
================
this is a 7500
interface FastEthernet5/0/0
description F5/0/0 BK door 199.1.21.X
ip address 199.1.26.1 255.255.255.0 secondary
ip address 199.1.21.3 255.255.255.0
no ip redirects
full-duplex
standby 2 ip 199.1.21.1
standby 2 preempt delay minimum 10
11-19-2004 08:04 AM
What IOS are you running? I think you are running into the following cosmetic bug
http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCeb37175
11-19-2004 10:15 AM
Thanks for the reply, in fact all of the replies.
The 7200 is running IOS (tm) 7200 Software (C7200-DS-M), Version 11.2(17)P, while the 7500 is running IOS (tm) RSP Software (RSP-DSV-M), Version 12.2(19a), RELEASE SOFTWARE (fc2)
Copyright (c) 1986-2003 by cisco Systems, Inc. It does sound like a false alarm. That is a relief.
11-19-2004 08:05 AM
What is the exact error message that you are receiving on the device? Everything looks fine with your config as far as hsrp is concerned. Can you post your total config up here.
11-19-2004 10:18 AM
Here is the entire msg, copied from the log.
".Nov 19 12:35:23 EST: %STANDBY-3-BADAUTH: Bad authentication from 199.1.21.3, remote state Init"
Thanks for the reply it sounds like a false alarm, though I do have to look into upgrading the OS on the one router.
11-19-2004 08:06 AM
I think you might be running into CSCeb37175.
CSCeb37175: STANDBY-3-BADAUTH: Bad authentication, remote state Init.
Here are the release notes for this DDTS:
Release notes:
A new HSRP advertisement message introduced in 12.1(3)T in order to
support ICMP redirects may cause a STANDBY-3-BADAUTH message in
routers running older versions of IOS:
"%STANDBY-3-BADAUTH: Bad authentication from x.x.x.x, remote state Init"
This is cosmetic issue and has no affect to HSRP operation.
Workaround is to not have an HSRP group 2 on the router with the older
IOS image.
Hope this helps,
11-19-2004 10:19 AM
Thanks for the reply.
11-19-2004 08:06 AM
The thing that worries me most about the configuration is the no keepalive on the 7200. The interface will never be detected down.
Don't know whether that would explain the symptoms though.
Kevin Dorrell
Luxembourg
11-19-2004 10:59 AM
I wondered about that as well. We use one 7500 and three 7200 for HSRP. When you do a sh int there is a 10 second keepalive set on all interfaces. Must be a defualt. In contrast, sh int does not show any keepalive on any of a 7200's serial interfaces.
11-19-2004 08:10 AM
You might try putting in a specific standby authentication string in . "standby 2 authentication XXXXXX ,where XXXXX is the password . Make sure it is exactly the same on both ends .
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide