Re: OSPF Authentication ?

From: Stephen C. Feldberg (scfeldberg@xxxxxxxxxxx)
Date: Fri Dec 14 2001 - 11:59:01 GMT-3

• Next message: Thomas Larus: "Is there any need to specify bandwidth on ethernet interfaces, since the default should always be correct?"
• Previous message: Hotmail: "Re: PIX Working Correctly?"
• Maybe in reply to: Annu: "OSPF Authentication ?"
• Next in thread: Palacios, Gonzalo: "RE: OSPF Authentication ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Annu,

There are known issues that have been posted in earlier threads regarding
OSPF MD5 authentication between IOS 11.x and 12.x- there seems to be an
incompatibility that cannot be resolved. See if you can't upgrade the code
on the 11.2 router.

Steve
----- Original Message -----
From: "Annu" <annu_roopa@yahoo.com>
To: <ccielab@groupstudy.com>
Sent: Friday, December 14, 2001 12:14 AM
Subject: OSPF Authentication ?

> Gurus,
>
> I have the following setup with which I am trying to
> do OSPF MD5 authentication.
>
> R9
> | eo=.1
> |
> |--------------------------| (192.1.1.0/24)
> |e0=.2 |.3
> R11 R12
> |
> |
> R1
>
> R9/R11/R12 are in area 1
> R1 is in Area 100 with Virtual link to R9.
>
> The problem is that OSPF authentication between R9 and
> R12 is not working.Its working between R9 and R11 on
> same Ethernet network. It gives "invalid
> authentication type" error on R9. The configs and
> version information is as follows.
>
> R12 (11.2(17)
> ----
> interface Ethernet0
> ip address 192.1.1.1 255.255.255.0
> no ip directed-broadcast
> no ip route-cache
> ip ospf message-digest-key 1 md5 roopa
> no ip mroute-cache
>
> router ospf 100
> network 10.0.0.0 0.255.255.255 area 0
> network 192.1.1.0 0.0.0.255 area 1
> area 0 authentication message-digest
> area 1 authentication message-digest
> area 1 virtual-link 3.3.3.3
>
> R9#debug ip ospf events
> OSPF events debugging is on
> termsrver#
> 01:13:42: OSPF: Send with youngest Key 0
> 01:13:43: OSPF: Send with youngest Key 1
> 01:13:43: OSPF: Send with youngest Key 1
> 01:13:50: OSPF: Rcv pkt from 192.1.1.3, Ethernet0 :
> Mismatch Authentication type. Input packet specified
> type 0, we use type 2
> 01:13:52: OSPF: Send with youngest Key 0
> 01:13:53: OSPF: Send with youngest Key 1
> 01:13:53: OSPF: Send with youngest Key 1
> 01:14:00: OSPF: Rcv pkt from 192.1.1.3, Ethernet0 :
> Mismatch Authentication type. Input packet specified
> type 0, we use type 2
>
>
> ---------------------
>
> On R12 (Version 12.0(5)
>
> interface Ethernet0
> ip address 192.1.1.3 255.255.255.0
> no ip directed-broadcast
> no ip route-cache
> ip ospf message-digest-key 1 md5 roopa
> ip ospf priority 100
> no ip mroute-cache
>
> router ospf 100
> network 3.3.3.3 0.0.0.0 area 1
> network 172.16.0.0 0.0.255.255 area 100
> network 192.1.1.0 0.0.0.255 area 1
> area 1 authentication message-digest
> area 1 virtual-link 1.1.1.1 message-digest-key 1 md5
> roopa
>
> ------------------------
> AM I missing something or doing something wrong ?? i
> think it could be a bug.The "debug ip ospf packet"
> shows correct Auth type.
>
> Let me know.Thanks for ur time to got thru this.
>
> Annu
>
>
>

• Next message: Thomas Larus: "Is there any need to specify bandwidth on ethernet interfaces, since the default should always be correct?"
• Previous message: Hotmail: "Re: PIX Working Correctly?"
• Maybe in reply to: Annu: "OSPF Authentication ?"
• Next in thread: Palacios, Gonzalo: "RE: OSPF Authentication ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:32:43 GMT-3