RE: OSPF authentication.

From: Sandro Ciffali (sandyccie@xxxxxxxxx)
Date: Wed Mar 06 2002 - 14:56:17 GMT-3

• Next message: dwhitley@xxxxxxxxx: "RE: csim start"
• Previous message: steven.j.nelson@xxxxxx: "RE: Wanted - Cisco 4 port IMA ATM T1 card for 3600"
• Maybe in reply to: RSiddappa@xxxxxxxxxx: "OSPF authentication."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
I did some more research for this, Here is what i
found.

I have R1 Ethernet R2 Ethernet R3

All three routers in the same area 0

On R1 no authentication. On R2 interface
authentication only (with ip ospf message-digest-key
10 md5 cisco under interface towards R3) On R3 no
authentication at all.
I expected No adj. between R2 and R3 but i got adj.
between R2 and R3, Which tells me I have to enable
area authentication.

Then further If i enable authentication on R2 and R3
,I would loose adj. with R1 since R1 ia not
authenticating.

Finaly the working solution is, No authentication
config at all on R1, R2 has only area 0 authentication
message-digest, Under interface towards R1 ip ospf
authentication null, Under interface towards R3 ip
ospf message-digest-key 10 md5 cisco. Under R3 normal
ospf config.

This works fine.

Sandro
--- RSiddappa@NECBNS.com wrote:
> Mammor,
>
> My understnding is this, the advantage of per
> interafce authntication,
>
>
>
>
>
>
r1------e0---------------r2-------------s0-------------R3
>
> all are in area 0
>
> if i do not want to confirue autntication for the
> entire area and I just
> need Authnetication between R1 and R2 then I will
> use the interface specific
> authentication,
>
> R.
>
>
>
>
> -----Original Message-----
> From: Ahmed Mamoor Amimi [mailto:mamoor@ieee.org]
> Sent: Wednesday, March 06, 2002 3:42 AM
> To: Siddappa, Rajeev; ccielab@groupstudy.com
> Subject: Re: OSPF authentication.
>
>
> Per interface authentication is introducted in new
> codes.
> this helps when u want to a partial area of lets say
> for example area 0.
> or u can autheticate 2 routers with different
> passwrod and 2 with different.
> this give u more control over security.
>
> -Mamoor
>
> ----- Original Message -----
> From: <RSiddappa@NECBNS.com>
> To: <ccielab@groupstudy.com>
> Sent: Wednesday, March 06, 2002 2:06 PM
> Subject: OSPF authentication.
>
>
> > Some one explain me
> >
> > what is the difference between per area
> authntication
> >
> > and
> >
> > Per interafce authnetication
> >
> > R.
> >
>

• Next message: dwhitley@xxxxxxxxx: "RE: csim start"
• Previous message: steven.j.nelson@xxxxxx: "RE: Wanted - Cisco 4 port IMA ATM T1 card for 3600"
• Maybe in reply to: RSiddappa@xxxxxxxxxx: "OSPF authentication."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:56:55 GMT-3