From: Andres Zeller (azeller@xxxxxxxxxx)
Date: Sat Apr 07 2001 - 23:19:52 GMT-3
Hmmm I am using 12.0(7) on my routers. I entered the commands:
R1
router ospf 316
area 0 authentication message-digest
area 4 authentication message-digest
area 4 virtual-link 10.1.4.4 message-digest-key 1 md5 ccie
R2
router ospf 316
area 4 authentication message-digest
area 4 virtual-link 10.1.4.4 message-digest-key 1 md5 ccie
AND it works great. I wonder if you would mind showing me your config. I am
concerned about whether this is a know caveat from differing IOS or what.
Andres
Johnny Dedon wrote:
> Guy,
> If you require authentication in the backbone area then all routers that
> connect to the backbone must authenticate. Area3 in your case connects to
> the backbone through the virtual link but the virtual link's job is
> basically to extend area0 out to area3.
> So the router in area3 must authenticate to area0 even though it doesn't
> physically have a connection to area0.
> I hope this makes sense.
> Johnny Dedon
> Senior Staff Consultant
> Exodus Professional Services
> johnny.dedon@exodus.net
> www.exodus.net
> ----- Original Message -----
> From: "Guy Farber" <gfarber@cisco.com>
> To: <ccielab@groupstudy.com>
> Sent: Saturday, April 07, 2001 5:05 AM
> Subject: Authentication on virtual links
>
> > Hi,
> >
> > I'm working on a lab where I have MD5 authentication on all routers in the
> > backbone. When I'm connecting area 3 through area 1 to the backbone I'm
> > getting an authentication mismatch on the area 0 side of the virtual link.
> sh
> > ip ospf virtual-links shows that md5 authentication is enabled for the
> VL.
> >
> > Turning on MD5 authentication on the virtual link from area 3 doesn't
> help.
> > The only solution was to put area 0 authentication on the area 3 router.
> It
> > works without a password on the interface.
> >
> > Can anyone explain how area authentication works in this regard?
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:42 GMT-3