RE: OSPF Authentication

From: Bjarne Jensås (jensaas@online.no)
Date: Tue Sep 24 2002 - 15:40:37 GMT-3

• Next message: Joe Martin: "RE: Soile's Skynet Lab"
• Previous message: j choi: "looking for lab date in Beijing or Singapore"
• Maybe in reply to: Dave Stoddard: "OSPF Authentication"
• Next in thread: Ayman Hamza: "Re: OSPF Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello Dave!

You are using the wrong interface command when you try to set the
Key...

Try this:
interface Serial0/0.4 multipoint
 ip address 135.3.12.4 255.255.255.248
 ip ospf authentication message-digest (This command is not needed
either since you have enabled authentication under the ospf process)
 ip ospf message-digest-key 1 md5 secure
 ip ospf network non-broadcast
 frame-relay map ip 135.3.12.3 300 broadcast
 frame-relay map ip 135.3.12.4 401 broadcast
 frame-relay map ip 135.3.12.6 401 broadcast
 no frame-relay inverse-arp

Regards

Bjarne

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Dave Stoddard
Sent: 24. september 2002 10:40
To: ccielab@groupstudy.com
Subject: OSPF Authentication

1> I have the following configuration (only a portion shown) &
1> everything is
working fine. The specific requirement I'm working on is MD5
authentication in area 1. What I don't understand is that when I issue
the show ip ospf interface command it shows "Message digest
authentication enabled", but "No key configured, using default key id
0". Why does it show no key configured?

2> When the lab asks to use MD5 authentication, does it matter
2> encryption
type, i.e. "<0-7> Encryption type (0 for not yet encrypted, 7 for
proprietary)"?

interface Serial0/0.4 multipoint
 ip address 135.3.12.4 255.255.255.248
 ip ospf authentication message-digest
 ip ospf authentication-key 6 secure
 ip ospf network non-broadcast
 frame-relay map ip 135.3.12.3 300 broadcast
 frame-relay map ip 135.3.12.4 401 broadcast
 frame-relay map ip 135.3.12.6 401 broadcast
 no frame-relay inverse-arp
!
router ospf 100
 router-id 135.3.4.4
 log-adjacency-changes
 area 0 authentication
 area 1 authentication message-digest
 area 1 virtual-link 135.3.6.6 authentication message-digest
authentication-key 6 secure area 1 virtual-link 135.3.3.3
authentication message-digest authentication-key 6 secure
passive-interface Ethernet0/0 passive-interface Serial0/1 network
135.3.4.0 0.0.0.255 area 1 network 135.3.12.0 0.0.0.7 area 1 network
135.3.28.0 0.0.0.255 area 0 neighbor 135.3.12.3 neighbor 135.3.12.6

**********************

r4#sh ip ospf int
Serial0/0.4 is up, line protocol is up
  Internet Address 135.3.12.4/29, Area 1
  Process ID 100, Router ID 135.3.4.4, Network Type NON_BROADCAST, Cost:
64
  Transmit Delay is 1 sec, State DR, Priority 1
  Designated Router (ID) r4, Interface address 135.3.12.4
  No backup designated router on this network
  Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
    Hello due in 00:00:06
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 4
  Last flood scan time is 0 msec, maximum is 4 msec
  Neighbor Count is 2, Adjacent neighbor count is 2
    Adjacent with neighbor r3
    Adjacent with neighbor r6
  Suppress hello for 0 neighbor(s)
  Message digest authentication enabled
      No key configured, using default key id 0

• Next message: Joe Martin: "RE: Soile's Skynet Lab"
• Previous message: j choi: "looking for lab date in Beijing or Singapore"
• Maybe in reply to: Dave Stoddard: "OSPF Authentication"
• Next in thread: Ayman Hamza: "Re: OSPF Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Oct 07 2002 - 07:44:02 GMT-3