Re: OSPF VLink and MD5

From: Vijaykrishna (vijaykrishna@xxxxxxxxxxx)
Date: Fri Nov 26 1999 - 20:38:07 GMT-3

• Next message: Chuah Eng Wee: "CCIE #5335"
• Previous message: Fred Ingham: "Re: OSPF VLink and MD5"
• Maybe in reply to: Vijaykrishna: "OSPF VLink and MD5"
• Next in thread: Denton Bobeldyk: "Re: OSPF VLink and MD5"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
James / Fred you were right, the piece of config I was missing was the area
0 auth config in the non backbone area router.... you don't even imagine it
!

Andrew, the config put by Fred was pretty much similar to what I was using
except that I had enabled MD5 auth in area 2 also...

thanks guys !
- VJ

-----Original Message-----
From: Fred Ingham <fningham@worldnet.att.net>
To: Vijaykrishna <vijaykrishna@netzero.net>; ccielab@groupstudy.com
<ccielab@groupstudy.com>; cisco@groupstudy.com <cisco@groupstudy.com>
Date: Friday, November 26, 1999 5:17 PM
Subject: Re: OSPF VLink and MD5

>In area 0 all interfaces must use the MD5 authentication including the
>virtual link.
>There is no need for area 1 or area 2 authentication unless you want it
>also.
>
>For example to have authentication on area 0:
>R1:
>int loop 1
>ip add 220.1.1.1 255.255.255.0
>int e0
>ip add 172.16.17.1 255.255.255.0
>ip ospf message-digest key 1 md5 cisco !likewise for all area 0
>! interfaces!
>int e1
>ip add 172.16.33.1 255.255.255.0
>!
>router ospf 1
>network 172.16.17.1 0.0.0.0 area 0
>network 172.16.33.1 0.0.0.0 area 1
>area 0 authentication message-digest
>area 1 virtual-link 220.2.2.2 message-digest-key 1 md5 cisco
>
>R2:
>int loop 2
>ip add 220.2.2.2 255.255.255.0
>int e1
>ip add 172.16.33.2 255.255.255.0
>int e 2
>ip add 172.16.65.2 255.255.255.0
>!
>router ospf 2
>network 172.16.33.2 0.0.0.0 area 1
>network 172.16.65.2 0.0.0.0 area 2
>area 0 authentication message-digest !this is frequently forgotten!
>area 1 virtual-link 220.1.1.1 message-digest-key 1 md5 cisco
>
>This should give you a start. HTH.
>
>> Vijaykrishna wrote:
>>
>> I am trying to connect the disjoint non-backbone area 2 to the
>> backbone area 0 via another area 1.
>> I am running OSPF MD5 on the area 0 and area 2 while no authentication
>> in area 1.
>> I have created the virtual link between the ABRs in area 1 but the
>> virtual link is not forming the adjacency.
>> I tried enabling MD5 on the VL but same problem.
>> Also putting the area 1 in MD5 doesn't solve the problem either.
>> It works when all the authentication is disabled in all areas...
>> Can anyone help ?
>> thanks,
>> Vijay

• Next message: Chuah Eng Wee: "CCIE #5335"
• Previous message: Fred Ingham: "Re: OSPF VLink and MD5"
• Maybe in reply to: Vijaykrishna: "OSPF VLink and MD5"
• Next in thread: Denton Bobeldyk: "Re: OSPF VLink and MD5"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:21:55 GMT-3