From: John Neiberger (neiby@xxxxxxxxxx)
Date: Mon Oct 22 2001 - 15:44:06 GMT-3
This shouldn't be necessary if I'm using simple password authentication,
which is the case. At one point I tried MD5 to see if the results were
different, but they weren't.
Keep in mind--and I don't think I mentioned this before--I have three other
routers in area 0 and they authenticate just fine. It is only across the
virtual link that authentication breaks.
Someone else just suggested that I use two configuration lines for the
virtual link: one to turn on authentication and the other to specify the
key. I'm going to give that a shot tonight.
Thanks,
John
On Mon, 22 Oct 2001 16:29:26 +0100, Ademola Osindero wrote:
| John,
|
| You need to add
|
| area 0 authentication message-digest
|
| to R5 to inform it that this kind of authentication is been used in the
| backbone. Show ip ospf on any router should inform you whether
| authentication is been used in area 0 since all routers talk with it.
|
| Also ensure that the password used in area 0 is the same as that used for
| the virtual link. the Virtual link only serves to extend a "cut-off"
router
| to area 0. The cut off router should then be informed of what holds in
the
| backbone by specifying area 0 authentication message-digest (or
whatever).
| Since there is no direct interface on which to use ip ospf
| message-digest-key , the virtual-link serves this place and uses area 1
| virtual-link ip-address message-digest-key command.
|
| Ademola
|
|
|
| At 08:01 AM 10/22/2001 -0700, John Neiberger wrote:
| >Yep, I'm positive. I've retyped them many, many times and I learned the
| >hard way a couple of years ago the dangers of white space at the end of
| >passwords.
| >
| >Thanks,
| >John
| >
| >On Mon, 22 Oct 2001 02:11:44 -0400 (EDT), Jason Gardiner wrote:
| >
| >| White spaces at the end of passwords are killers. Are you sure the
| >| password match exactly?
| >|
| >| Thanks,
| >|
| >| Jason Gardiner
| >| Supervisor, Engineering Services
| >| Sprint <Insert Division Name>
| >|
| >| "You can swim all day in the Sea of Knowledge and
| >| still come out completely dry. Most people do."
| >|
| >| - Norton Juster
| >|
| >| On Sun, 21 Oct 2001, John Neiberger wrote:
| >|
| >| > I was working on Fatkid 401 OSPF lab tonight and I could never get
the
| >| > virtual link authentication to work correctly. No matter what I
did, I
| >| > would get errors stating I had a mismatched authentication key.
Well,
| >the
| >| > key was "cisco" so that's not too hard to type in correctly.
Still, I
| >| > played with the configs on the two relevant routers and I rebooted
them
| >| > several times, all to no avail.
| >| >
| >| > I even changed the authentication type to md5 and got the same
message.
| >| > Very weird. I thought at one point this was an IOS issue because
one
| >router
| >| > was running 11.2(7) and the other 11.2(25a). I upgraded the first
one
| >to
| >| > 11.2(25a) and I still see the same error.
| >| >
| >| > I peeked at the solution and saw that I had it configured exactly
how
| >they
| >| > suggested. Then I checked CCO and saw that they suggest the same
| >| > configuration.
| >| >
| >| > Do any of you have any tips for configuring virtual link
| >authentication?
| >| > This seems to be a pretty simple config and I don't see what I'm
| >missing.
| >| >
| >| > Thanks,
| >| > John
| >| >
| >| >
| >| >
| >| >
| >| >
This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 22:33:23 GMT-3