From: Michael Wong (Michael.Wong@xxxxxxxxxx)
Date: Tue Aug 21 2001 - 09:40:57 GMT-3
The area and domain passwords only prevents updates from being sent if authenti
cation does not match. Adjacencies can still be formed. Do a "debug isis update
-packets" and you'll see the authentication mismatch.
MW
-----Original Message-----
From: Peter Van Oene [mailto:pvo@usermail.com]
Sent: Monday, 20 August 2001 5:48 am
To: Chris Allen; ccielab@groupstudy.com
Subject: Re: ISIS Authentication
This authentication knob is used to secure ISIS control packets like CSNPs and
PSNPs. It may not be evaluated in cisco's implementation. To secure adjacency
formation, use the interface command "isis password <pwd>"
Pete
*********** REPLY SEPARATOR ***********
On 8/19/2001 at 12:46 PM Chris Allen wrote:
>Am I missing something here?
>
>I am trying to configure ISIS Area authentication, the scenario is three
>routers connected via point-to-point sub-interfaces... R1 is HUB... R1
>also connects to the backbone area but that is irrelevant for this
>example!!
>
>R5 - R1 - R4
>
>The configs are as follows
>
>R1
>router isis
>net 49.0001.1111.1111.1111.00
>area cisco
>
>R5
>router isis
>net 49.0001.5555.5555.5555.00
>area cisco
>is-type level-1
>
>R4
>router isis
>net 49.0001.4444.4444.4444.00
>is-type level-1
>
>
>I purposefully left out the area password on Router 4 so that I could see
>authentication not working, but it IS working??? I am still forming
>adjacencies and receiving all the routes for area 0001. Should this work?
>
>Chris
>**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:55 GMT-3