From: Fred Ingham (fningham@xxxxxxxxxxxxxxxx)
Date: Sun Oct 17 1999 - 15:07:27 GMT-3
As you already know authentication for an area has to be on all
interfaces in the area. With a virtual link the authentication also has
to be on the two virtual link statements and area 0 on r2. (The virtual
link extends area 0 to r2.)
for r2 and r3 the key configuration statements are:
r3
(all interfaces in area 0)
ip ospf message-digest-key 1 md5 ccie
router ospf 3
area 0 authentication message-digest
area 3 virtual-link 150.100.2.2 message-digest-key 1 md5 ccie
r2
router ospf 2
area 3 virtual-link 150.100.3.3 message-digest-key 1 md5 ccie
area 0 authentication message-digest
where 150.100.2.2 and 150.100.3.3 represent the RIDs of routers 2 and 3
respectively. The most common problem is to forget the area 0 statement
on r2.
HTH.
D Digler wrote:
>
> I'm trying to configure OSPF with MD5 authentication.
>
> (Area 0)R3(Area 3)---------(Area 3)R2(Area 5)--------R5(Area 5)
>
> I have a virtual link thru area 3. Everything works fine when there is no
> authentication. As soon as I add authentication to the routers in area 0 it
> seems that authentication is also activated on my virtual link on R3 and I
> loose connectivity to Area 5. R3's side of the V-L is using authentication
> but R2's side is not. I could not remove the MD5 authentication on R3's
> V-L. I also tried activating MD5 on R2's V-L but could not.
>
> Any help or configs would be appreciated.
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:21:53 GMT-3