From: Krucker, Louis (louis.krucker@xxxxxxxxxxx)
Date: Sat Apr 06 2002 - 10:07:31 GMT-3
use "ip ospf authentication message-digest <key nr> md5 cisco
"ip ospf authentication-key cisco" means plain text autentication
regards
Louis
-----Original Message-----
From: Greg Parrish
To: CiscoCCNP3@aol.com
Cc: steven.j.nelson@bt.com; ccielab@groupstudy.com
Sent: 06.04.2002 14:27
Subject: Re: OSPF Virtual links.
It appears you are mixing plain authentication with MD5 authentication.
Does this
config actually work? You have plain authentication on the interfaces
and then
you call for MD5 authentication on the area.
Greg
CiscoCCNP3@aol.com wrote:
> hiya,
>
> In a message dated 4/3/02 4:07:34 PM Eastern Standard Time,
> steven.j.nelson@bt.com writes:
>
> > My question is this :-
> >
> > Is it enough to have the command area 0 authentication
message-digest
> > confgured under R1's routing process and the relevant passwords on
the
> >
>
> here i have authentication on the transit area link to area 0 from my
current
> setup, (actually from Solie's Enchilada lab)
>
> (area0)p2m frame----s0.1--r1--s0.2-----p2p frame (area 10)
---r7---area 70
>
> R1
> interface Serial0.1 multipoint
> description to P2M FRAME R2/R3
> ip address 155.100.13.1 255.255.255.0
> ip ospf authentication-key cisco
> <edit>
> interface Serial0.2 point-to-point
> description to P2P FRAME R7
> ip address 155.100.17.1 255.255.255.0
> <edit>
> router ospf 1
> router-id 1.1.1.1
> log-adjacency-changes
> area 0 authentication message-digest
> area 10 virtual-link 7.7.7.7
>
> R7
> interface Serial0/0
> bandwidth 64
> ip address 155.100.17.7 255.255.255.0
> ip ospf authentication-key cisco
> ip ospf network point-to-point
> <edit>
> router ospf 7
> router-id 7.7.7.7
> log-adjacency-changes
> area 0 authentication message-digest
> area 10 virtual-link 1.1.1.1
> network 155.100.7.7 0.0.0.0 area 10
> network 155.100.17.0 0.0.0.255 area 10
> network 155.100.70.0 0.0.0.255 area 70
>
> the key is to see the hellos supressed on the sh ip os virtual-link
>
> R1#sh ip ospf virt
> Virtual Link OSPF_VL0 to router 7.7.7.7 is up
> Run as demand circuit
> DoNotAge LSA allowed.
> Transit area 10, via interface Serial0.2, Cost of using 64
> Transmit Delay is 1 sec, State POINT_TO_POINT,
> Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
> Hello due in 00:00:04
> Adjacency State FULL (Hello suppressed)
> Index 3/4, retransmission queue length 0, number of retransmission
1
> First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
> Last retransmission scan length is 1, maximum is 1
> Last retransmission scan time is 0 msec, maximum is 0 msec
> Message digest authentication enabled
> No key configured, using default key id 0
> R1#
> CC_R7#sh ip osp virt
> Virtual Link OSPF_VL2 to router 1.1.1.1 is up
> Run as demand circuit
> DoNotAge LSA allowed.
> Transit area 10, via interface Serial0/0, Cost of using 1562
> Transmit Delay is 1 sec, State POINT_TO_POINT,
> Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
> Hello due in 00:00:01
> Adjacency State FULL (Hello suppressed)
> Index 1/2, retransmission queue length 0, number of retransmission
1
> First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
> Last retransmission scan length is 1, maximum is 1
> Last retransmission scan time is 0 msec, maximum is 0 msec
> Message digest authentication enabled
> No key configured, using default key id 0
> CC_R7#
>
> hope that helps, 6 days to RTP
>
> peace \/
>
> joey r / r|p
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:57 GMT-3