From: Joel A. Cochran (joelc@xxxxxxxxxxxxxxxxx)
Date: Mon Feb 28 2000 - 20:00:48 GMT-3
Richard,
Keep in mind that the virtual link is a logical connection to area
0. Although you have not put any interfaces on the router with the
virtual link into area 0, the virtual link is considered an interface
in area 0.
Easy fix:
On the router not connected to area 0:
router ospf xx
area 0 authentication {message-digest} if using md5.
Set it up just as if you were on area 0... you just dont have the
interface commands.
I've tried it, and this works.
Joel Cochran, CCIE# 5448.
----- Original Message -----
From: Richard Wagner
To: 'ccielab@groupstudy.com'
Sent: Monday, February 28, 2000 4:28 PM
Subject: OSPF Authentication and Virtual Links
When configuring OSPF with multiple areas, I tried implementing md5
authentication in Area0.
I had the whole mess working without the authentication, and the
the virtual
link was working fine.
When I enable authentication in Area0, the virtual link no longer
worked.
I pounded on it for a while and just couldn't make it work. I
tried a few
things with no success:
-applying authentication parameters on the virtual-link statements
(seemed
reasonable)
-applying md5 authentication to all areas and interfaces
*everywhere* on
*every* router (shotgun approach)
(I was hoping that those desparate measures would yield a working
config
where I could remove things one-by-one to determine what was really
necessary)
The debugs would show (I'm recalling this while at work)...
"expected type
2, got type 0 for ospf authentication" or something like that
(sorry for not
being exact).
In the end, I removed all authentication statements and the world
worked
again.
There's a "stunt" here... does anybody know what it is?
Thanks for your help everybody!
Richard
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:22:54 GMT-3