STIGQter STIGQter: STIG Summary: Cisco IOS Router RTR Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to use a loopback address as the source address when originating MSDP traffic.

DISA Rule

SV-216638r531085_rule

Vulnerability Number

V-216638

Group Title

SRG-NET-000512-RTR-000011

Rule Version

CISC-RT-000950

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure the router to use its loopback address is used as the source address when sending MSDP packets.

R2(config)#ip msdp peer x.44.2.34 connect-source lo12 remote-as nn

Check Contents

Verify that the loopback interface is used as the source address for all MSDP packets generated by the router.

ip msdp peer x.44.2.34 connect-source Loopback12 remote-as nn

If the router does not use its loopback address as the source address when originating MSDP traffic, this is a finding.

Vulnerability Number

V-216638

Documentable

False

Rule Version

CISC-RT-000950

Severity Override Guidance

Verify that the loopback interface is used as the source address for all MSDP packets generated by the router.

ip msdp peer x.44.2.34 connect-source Loopback12 remote-as nn

If the router does not use its loopback address as the source address when originating MSDP traffic, this is a finding.

Check Content Reference

M

Target Key

4027

Comments