vlan authentication md 5 key

Posted on 2011-02-22
Last Modified: 2012-06-27
Hi Experts,
in a running cisco switch 3560G I have to implement a vlan.
But I don't know for what is this command and what kind of key is it ?
What kind of passwort is needed or is it just a default auth ?

interface Vlan175
 description Management VLAN
 ip address
 standby 175 ip
 standby 175 priority 90
 standby 175 preempt
 standby 175 authentication md5 key-string

Can you expalin me the commands:
 standby 175 ip
 standby 175 priority 90
 standby 175 preempt
 standby 175 authentication md5 key-string
Question by:Eprs_Admin
  • 2
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34949524

the key need to prevent attackers to become Active HSRP routert!

Best regards,
LVL 34

Assisted Solution

by:Istvan Kalmar
Istvan Kalmar earned 250 total points
ID: 34949537

Accepted Solution

torvir earned 250 total points
ID: 34950222
* standby 175 ip
  Configures a virtual IP-address that all nodes on that LAN can use as a default gateway.
  When the primary router/L3-switch goes down, the secondary one takes over this address.
  Which means that it is always reachable.
  Also called the HSRP-address

* standby 175 priority 90
  The priority for the router/L3-switch in this vlan. The highest priority gets the HSRP-address.

* standby 175 preempt
  The router with the highest priority immediatley takes the HSRP-address with preempt.
  If you don't configure preemt there is no switchover until the router that has the HSRP-address fails or is restarted.

* standby 175 authentication md5 key-string
  Authenticates HSRP messages between routers so that no other router can negotiate with them, on purpose or by mistake, without knowing the authentication key

It is also important to know that you shouldn't use the same standby-group on other router-pairs on the same vlan.
Because they choose a virtual mac-address from the group number. And two similar mac-addresses means trouble.

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Connecting to CISCO 4402 WLC 3 45
switch design question 6 43
spanning tree loop even though stp is enabled 10 57
Multiple MPLS Circuits Connecting to LAN 3 47
We all know how boring and exhausting it is to transfer huge web projects developed locally to a webserver simply via FTP. The File Transfer Protocol is a really nice solution if you need to transfer small amounts of files, but if you're plannin…
Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question