From: Philip Neeson (Philip.Neeson@xxxxxxxxxxxxx)
Date: Fri Dec 22 2000 - 13:09:17 GMT-3
Yep, that works fine, but I would expect it to fail if there was
authentication on only one end of the link. Otherwise what's the point?
Philip.
> -----Original Message-----
> From: Rob Webber [mailto:rwebber@callisma.com]
> Sent: Friday, December 22, 2000 3:39 PM
> To: 'Philip Neeson'; ccielab@groupstudy.com
> Cc: 'Roger Robbins'
> Subject: RE: ISIS L1 Authentication.
>
>
> Hi,
>
> In this case you don't have to use the area-password command -
> that will set
> a password for the entire area. Try setting an L1 password on both serial
> interfaces:
>
> Wacky52
> !
> interface Serial0
> ip address 132.66.172.1 255.255.255.0
> ip router isis
> isis password cisco level-1
> !
> router isis
> net 00.0001.aaaa.aaaa.aaaa.00
> is-type level-1
> !
>
> Noddy
> !
> interface Serial3/2
> ip address 132.66.172.2 255.255.255.0
> ip router isis
> isis password cisco level-1
> !
> router isis
> net 00.0001.bbbb.bbbb.bbbb.00
> !
>
> Rob.
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Philip Neeson
> Sent: Thursday, December 21, 2000 9:57 PM
> To: ccielab@groupstudy.com
> Cc: Roger Robbins; Philip Neeson
> Subject: ISIS L1 Authentication.
>
>
> Hi,
>
> I have the been going through ISIS in the LAB mainly from Doyles, Routing
> TCP/IP Vol 1 (pg668-671)
>
> I'm having the following problems getting authentication working in the
> following set-up.
>
> L1 L1/L2
> [Wacky52]-----------[Noddy]------->(L2 Router)
> 11.2(24) 12.0(7)T
>
> Noddy is in the same area as Wackey and they have established a L1
> adjacency. When I set-up an "area-password cisco" within Wackey
> and "clear
> isis *" both routers then establish an L1 adjacency?? This doesn't seem
> right.
>
> As an alternative I set up L1 ISIS password on the serial of
> Wacky52 but not
> Noddy and it still works, if I change the password to be a L2 adj. fails.
> Can anyone offer any guidance? (I have the password set-up on one router
> and not the other, hence authentication should fail, when the pwd
> type is L1
> as its a L1 connection.)
>
> Thanks,
>
> Philip.
>
>
> ----------------------
>
> Wacky52
> !
> interface Serial0
> ip address 132.66.172.1 255.255.255.0
> ip router isis
> isis password cisco level-2
> !
> router isis
> net 00.0001.aaaa.aaaa.aaaa.00
> is-type level-1
> !
>
> Noddy
> !
> interface Serial3/2
> ip address 132.66.172.2 255.255.255.0
> ip router isis
> !
> router isis
> net 00.0001.bbbb.bbbb.bbbb.00
> !
>
>
> Noddy#sh clns is-neighbors detail
> System Id Interface State Type Priority Circuit Id Format
> Wacky52 Se3/2 Init L1 0 00 Phase V
> Area Address(es): 00.0001
> IP Address(es): 132.66.172.1*
> Uptime: 00:03:36
>
>
> Wacky52#show clns is-neighbors detail
> System Id Interface State Type Priority Circuit Id Format
> Noddy Se0 Up IS 0 00
> Phase V
> Area Address(es): 00.0001
> Uptime: 00:00:54
>
>
> IS-IS Adjacency related packets debugging is on
> Noddy#
> 00:14:04: ISIS-Adj: Sending serial IIH on Serial3/2, length 127
> 00:14:04: ISIS-Adj: Rec serial IIH from *HDLC* (Serial3/2), cir
> type L1, cir
> id
> 00, length 127
> 00:14:04: ISIS-Adj: rcvd state DOWN, old state INIT, new state INIT
> 00:14:04: ISIS-Adj: Action = GOING UP, new type = L1
> 00:14:12: ISIS-Adj: Sending serial IIH on Serial3/2, length 127
> 00:14:13: ISIS-Adj: Rec serial IIH from *HDLC* (Serial3/2), cir
> type L1, cir
> id
> 00, length 127
> 00:14:13: ISIS-Adj: rcvd state DOWN, old state INIT, new state INIT
> 00:14:13: ISIS-Adj: Action = GOING UP, new type = L1
> Noddy#
>
>
> Wacky52#deb isis adj
> IS-IS Adjacency related packets debugging is on
> ISIS-Adj: Sending serial IIH on Serial0
> ISIS-Adj: Rec serial IIH from *HDLC* on Serial0, cir type 3, cir id 00
> ISIS-Adj: Authentication failed
> ISIS-Adj: Sending serial IIH on Serial0
> ISIS-Adj: Rec serial IIH from *HDLC* on Serial0, cir type 3, cir id 00
> ISIS-Adj: Authentication failed
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:26:09 GMT-3