From: Fred Ingham (fningham@xxxxxxxxxxxxxxxx)
Date: Fri Nov 26 1999 - 18:24:56 GMT-3
In area 0 all interfaces must use the MD5 authentication including the
virtual link.
There is no need for area 1 or area 2 authentication unless you want it
also.
For example to have authentication on area 0:
R1:
int loop 1
ip add 220.1.1.1 255.255.255.0
int e0
ip add 172.16.17.1 255.255.255.0
ip ospf message-digest key 1 md5 cisco !likewise for all area 0
! interfaces!
int e1
ip add 172.16.33.1 255.255.255.0
!
router ospf 1
network 172.16.17.1 0.0.0.0 area 0
network 172.16.33.1 0.0.0.0 area 1
area 0 authentication message-digest
area 1 virtual-link 220.2.2.2 message-digest-key 1 md5 cisco
R2:
int loop 2
ip add 220.2.2.2 255.255.255.0
int e1
ip add 172.16.33.2 255.255.255.0
int e 2
ip add 172.16.65.2 255.255.255.0
!
router ospf 2
network 172.16.33.2 0.0.0.0 area 1
network 172.16.65.2 0.0.0.0 area 2
area 0 authentication message-digest !this is frequently forgotten!
area 1 virtual-link 220.1.1.1 message-digest-key 1 md5 cisco
This should give you a start. HTH.
> Vijaykrishna wrote:
>
> I am trying to connect the disjoint non-backbone area 2 to the
> backbone area 0 via another area 1.
> I am running OSPF MD5 on the area 0 and area 2 while no authentication
> in area 1.
> I have created the virtual link between the ABRs in area 1 but the
> virtual link is not forming the adjacency.
> I tried enabling MD5 on the VL but same problem.
> Also putting the area 1 in MD5 doesn't solve the problem either.
> It works when all the authentication is disabled in all areas...
> Can anyone help ?
> thanks,
> Vijay
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:21:55 GMT-3