STIGQter: STIG Summary: Cisco IOS XE Router RTR Security Technical Implementation Guide, Version: 2, Release: 2, Benchmark Date: 23 Apr 2021

The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to use a loopback address as the source address when originating MSDP traffic.

DISA Rule

SV-216733r531086_rule

Vulnerability Number

V-216733

Group Title

SRG-NET-000512-RTR-000011

Rule Version

CISC-RT-000950

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure the router to use its loopback address as the source address when sending MSDP packets.

R2(config)#ip msdp peer x.44.2.34 connect-source lo12 remote-as nn

Check Contents

Verify that the loopback interface is used as the source address for all MSDP packets generated by the router.

ip msdp peer x.44.2.34 connect-source Loopback12 remote-as nn

If the router does not use its loopback address as the source address when originating MSDP traffic, this is a finding.
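One way to automate this check against a saved running-config, as an added example that is not part of the STIG or of STIGQter. The function names and the sample config (documentation addresses, private AS numbers) are constructed, and the extra test that the referenced loopback is defined in the same config is an assumption that goes beyond the check text.

```python
import re

# Matches "ip msdp [vrf NAME] peer PEER [connect-source IFACE] ..." as printed by
# "show running-config"; later options such as remote-as are ignored.
PEER_RE = re.compile(
    r"^\s*ip msdp (?:vrf (?P<vrf>\S+) )?peer (?P<peer>\S+)"
    r"(?: connect-source (?P<iface>\S+))?", re.IGNORECASE)
IFACE_RE = re.compile(r"^interface (\S+)", re.IGNORECASE)

def loopback_name(iface):
    """Normalise Loopback12 / lo12 to 'loopback12'; None for anything else."""
    m = re.fullmatch(r"([A-Za-z]{2,})(\d+)", iface or "")
    if m and "loopback".startswith(m.group(1).lower()):
        return "loopback" + m.group(2)
    return None

def audit_msdp_source(config_text):
    """Return (vrf, peer, reason) findings for CISC-RT-000950."""
    lines = config_text.splitlines()
    defined = {m.group(1).lower() for m in map(IFACE_RE.match, lines) if m}
    findings = []
    for line in lines:
        m = PEER_RE.match(line)
        if not m:
            continue
        vrf, peer, iface = m.group("vrf") or "global", m.group("peer"), m.group("iface")
        name = loopback_name(iface)
        if iface is None:
            findings.append((vrf, peer, "no connect-source configured"))
        elif name is None:
            findings.append((vrf, peer, f"connect-source {iface} is not a loopback"))
        elif name not in defined:
            findings.append((vrf, peer, f"{iface} is not defined in this config"))
    return findings

# Constructed sample config, not taken from a real device.
SAMPLE = """\
interface Loopback12
interface GigabitEthernet0/0/1
ip msdp peer 203.0.113.34 connect-source Loopback12 remote-as 64512
ip msdp peer 203.0.113.35 connect-source GigabitEthernet0/0/1 remote-as 64513
ip msdp peer 203.0.113.36 remote-as 64514
ip msdp vrf BLUE peer 203.0.113.37 connect-source Loopback99
"""

if __name__ == "__main__":
    for vrf, peer, reason in audit_msdp_source(SAMPLE):
        print(f"FINDING vrf={vrf} peer={peer}: {reason}")
```

Any returned tuple corresponds to a finding under this rule; an empty list means every MSDP peer statement sources from a loopback.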

Documentable

False

Check Content Reference

M

Target Key

4028

Comments