RE: OSPF md5 authentication

From: Anthony Pace (anthonypace@xxxxxxxxxxx)
Date: Sat Jul 06 2002 - 18:23:22 GMT-3

• Next message: Anthony Pace: "Re: Simple IRDP Operation"
• Previous message: dwclemons: "Re: Dlsw queueing methods"
• Maybe in reply to: kym blair: "OSPF md5 authentication"
• Next in thread: Gyori Gábor: "RE: OSPF md5 authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Are both lines of configuration necessary? I have seen OSPF examples of
clear-text and MD5 where just one line was configured on the actual
interface and the "ip ospf authentication message-digest" or "ip ospf
authentication" was ommited. I experemented with it an it seems to
function ok without the extra line. Is this line superfluous or is it a
legacy command?

Anthony Pace

On Fri, 5 Jul 2002 21:04:20 +0200, "Gyuri Gabor" <Gabor.Gyori@lnx.hu>
said:
> Make sure to add the
> ip ospf authentication message-digest
> ip ospf message-digest-key 1 md5 xxx
>
> on all of the three participating interfaces (an hub and all the
> spokes).
> It works for me like this, even if I do not put authentication on the
> whole
> area0 in ospf router
> configuration.
>
> Gabor
>
> > -----Original Message-----
> > From: kym blair [mailto:kymblair@hotmail.com]
> > Sent: Friday, July 05, 2002 12:04 AM
> > To: ccielab@groupstudy.com
> > Cc: tlarus@cox.net; nshah@connect.com.au
> > Subject: OSPF md5 authentication
> >
> >
> > This has been discussed several times, but I haven't see a
> > working solution
> > and hope someone has it:
> >
> > --MD5 authentication in area 0 over Frame Relay
> >
> > --hub router (multipoint subinterface; okay to change the
> > ospf network type)
> >
> > -- two spoke routers (physical serial interface; cannot
> > change the interface
> > type from non-broadcast [this means that the three routers
> > must elect DR;
> > you may set the priority to 0 on the spoke routers]).
> >
> > Adjacencies without authentication, but when a
> > message-digest-key is added
> > to the three, the hub router forms an adjacency with only one
> > of the spokes.
> > Generates a mismatch key error with the second spoke router.
> >
> > If you know the trick to get the hub to form adjacencies with
> > both spokes,
> > I'd sure appreciate hearing it.
> >
> >
> > Thanks,
> >
> > Kym
> >
> >
> >
> >

• Next message: Anthony Pace: "Re: Simple IRDP Operation"
• Previous message: dwclemons: "Re: Dlsw queueing methods"
• Maybe in reply to: kym blair: "OSPF md5 authentication"
• Next in thread: Gyori Gábor: "RE: OSPF md5 authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:36:20 GMT-3