OSPF MD5 Authentication

From: Keith Steller (ksteller@attbi.com)
Date: Sun Dec 29 2002 - 00:11:04 GMT-3

• Next message: OhioHondo: "RE: OSPF MD5 Authentication"
• Previous message: Fadiltakipte: "Autoinstall"
• Next in thread: OhioHondo: "RE: OSPF MD5 Authentication"
• Maybe reply: OhioHondo: "RE: OSPF MD5 Authentication"
• Maybe reply: Keith Steller: "RE: OSPF MD5 Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi-

I have an issue with OSPF MD5 authentication between NON-Broadcast peers on
a multipoint. I verified that all peers could est an adj before adding the
authentication. I added MD5 auth to all routers in the respective areas, 2
of the three routers are est the adj just fine. I have seen this before, and
I am pretty sure the keys are identical on all the serial interfaces. Anyone
else had an issue like this before? In an effort to try to reduce issues
with this, I create a key on the hub router, and then cut and paste it into
the other routers. One works, one doesnt. They all say they are using key 1.
Anyone have any ideas? Thanks in advance. K

01:36:23: OSPF: Rcv pkt from 155.100.100.1, Serial0/0.16 : Mismatch
Authentication Key - Message Digest Key 1

r1***********************************************
!
interface Serial0/0
 ip address 155.100.100.1 255.255.255.0
 encapsulation frame-relay IETF
 ip ospf message-digest-key 1 md5 1 c
 ip ospf network non-broadcast
 ip ospf hello-interval 10
 ip ospf priority 100
 no arp frame-relay
 cdp enable
 frame-relay map ip 155.100.100.2 18 broadcast
 frame-relay map ip 155.100.100.3 17 broadcast
 no frame-relay inverse-arp
!
router ospf 10
 router-id 155.100.11.1
 log-adjacency-changes
 area 0 authentication message-digest
 area 1 authentication message-digest
 network 155.100.11.1 0.0.0.0 area 0
 network 155.100.12.0 0.0.0.255 area 0
 network 155.100.100.0 0.0.0.255 area 1
 neighbor 155.100.100.3
 neighbor 155.100.100.2
!

r2***********************
!
interface Serial0/0.16 point-to-point
 ip address 155.100.100.2 255.255.255.0
 no ip directed-broadcast
 ip ospf message-digest-key 1 md5 1 c
 ip ospf network non-broadcast
 ip ospf hello-interval 10
 ip ospf priority 0
 frame-relay interface-dlci 16
!
interface FastEthernet0/1
 no ip address
 no ip directed-broadcast
 shutdown
!
interface Serial0/1
 ip address 155.100.24.2 255.255.255.0
 no ip directed-broadcast
!
router ospf 10
 network 155.100.12.0 0.0.0.255 area 0
 network 155.100.22.2 0.0.0.0 area 0
 network 155.100.24.0 0.0.0.255 area 24
 network 155.100.100.0 0.0.0.255 area 1
 area 0 authentication message-digest
 area 1 authentication message-digest
!

r3 (problem)**********************************************
!
interface Serial0/0.16 point-to-point
 ip address 155.100.100.3 255.255.255.0
 ip ospf message-digest-key 1 md5 1 c
 ip ospf network non-broadcast
 ip ospf hello-interval 10
 ip ospf priority 0
 no arp frame-relay
 frame-relay interface-dlci 16
!
router ospf 10
 router-id 155.100.33.3
 log-adjacency-changes
 area 1 authentication message-digest
 network 155.100.13.0 0.0.0.255 area 1
 network 155.100.33.3 0.0.0.0 area 1
 network 155.100.100.0 0.0.0.255 area
.

• Next message: OhioHondo: "RE: OSPF MD5 Authentication"
• Previous message: Fadiltakipte: "Autoinstall"
• Next in thread: OhioHondo: "RE: OSPF MD5 Authentication"
• Maybe reply: OhioHondo: "RE: OSPF MD5 Authentication"
• Maybe reply: Keith Steller: "RE: OSPF MD5 Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jan 17 2003 - 17:21:54 GMT-3