From: Johnny Dedon (johnny.dedon@xxxxxxxxxx)
Date: Sat Apr 07 2001 - 14:32:40 GMT-3
Guy,
If you require authentication in the backbone area then all routers that
connect to the backbone must authenticate. Area3 in your case connects to
the backbone through the virtual link but the virtual link's job is
basically to extend area0 out to area3.
So the router in area3 must authenticate to area0 even though it doesn't
physically have a connection to area0.
I hope this makes sense.
Johnny Dedon
Senior Staff Consultant
Exodus Professional Services
johnny.dedon@exodus.net
www.exodus.net
----- Original Message -----
From: "Guy Farber" <gfarber@cisco.com>
To: <ccielab@groupstudy.com>
Sent: Saturday, April 07, 2001 5:05 AM
Subject: Authentication on virtual links
> Hi,
>
> I'm working on a lab where I have MD5 authentication on all routers in the
> backbone. When I'm connecting area 3 through area 1 to the backbone I'm
> getting an authentication mismatch on the area 0 side of the virtual link.
sh
> ip ospf virtual-links shows that md5 authentication is enabled for the
VL.
>
> Turning on MD5 authentication on the virtual link from area 3 doesn't
help.
> The only solution was to put area 0 authentication on the area 3 router.
It
> works without a password on the interface.
>
> Can anyone explain how area authentication works in this regard?
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:42 GMT-3