From: Keith Steller (ksteller@attbi.com)
Date: Sun Dec 29 2002 - 01:22:27 GMT-3
Hello and thanks for the advice!
I got it working finally by re-adding the commands with a different key. I
am hoping there was just a space in the key.
K
-----Original Message-----
From: OhioHondo [mailto:ohiohondo@columbus.rr.com]
Sent: Saturday, December 28, 2002 10:16 PM
To: Keith Steller; ccielab@groupstudy.com
Subject: RE: OSPF MD5 Authentication
Keith
you have to be very careful when you cut and paste the password. If you
catch a space at the end of the password you'll have this problem. (I never
cut and paste the MD5 config strings for this reason). Enter the config
string for the router that is not working by hand.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Keith Steller
Sent: Saturday, December 28, 2002 10:11 PM
To: ccielab@groupstudy.com
Subject: OSPF MD5 Authentication
Hi-
I have an issue with OSPF MD5 authentication between NON-Broadcast peers on
a multipoint. I verified that all peers could est an adj before adding the
authentication. I added MD5 auth to all routers in the respective areas, 2
of the three routers are est the adj just fine. I have seen this before, and
I am pretty sure the keys are identical on all the serial interfaces. Anyone
else had an issue like this before? In an effort to try to reduce issues
with this, I create a key on the hub router, and then cut and paste it into
the other routers. One works, one doesnt. They all say they are using key 1.
Anyone have any ideas? Thanks in advance. K
01:36:23: OSPF: Rcv pkt from 155.100.100.1, Serial0/0.16 : Mismatch
Authentication Key - Message Digest Key 1
r1***********************************************
!
interface Serial0/0
ip address 155.100.100.1 255.255.255.0
encapsulation frame-relay IETF
ip ospf message-digest-key 1 md5 1 c
ip ospf network non-broadcast
ip ospf hello-interval 10
ip ospf priority 100
no arp frame-relay
cdp enable
frame-relay map ip 155.100.100.2 18 broadcast
frame-relay map ip 155.100.100.3 17 broadcast
no frame-relay inverse-arp
!
router ospf 10
router-id 155.100.11.1
log-adjacency-changes
area 0 authentication message-digest
area 1 authentication message-digest
network 155.100.11.1 0.0.0.0 area 0
network 155.100.12.0 0.0.0.255 area 0
network 155.100.100.0 0.0.0.255 area 1
neighbor 155.100.100.3
neighbor 155.100.100.2
!
r2***********************
!
interface Serial0/0.16 point-to-point
ip address 155.100.100.2 255.255.255.0
no ip directed-broadcast
ip ospf message-digest-key 1 md5 1 c
ip ospf network non-broadcast
ip ospf hello-interval 10
ip ospf priority 0
frame-relay interface-dlci 16
!
interface FastEthernet0/1
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0/1
ip address 155.100.24.2 255.255.255.0
no ip directed-broadcast
!
router ospf 10
network 155.100.12.0 0.0.0.255 area 0
network 155.100.22.2 0.0.0.0 area 0
network 155.100.24.0 0.0.0.255 area 24
network 155.100.100.0 0.0.0.255 area 1
area 0 authentication message-digest
area 1 authentication message-digest
!
r3 (problem)**********************************************
!
interface Serial0/0.16 point-to-point
ip address 155.100.100.3 255.255.255.0
ip ospf message-digest-key 1 md5 1 c
ip ospf network non-broadcast
ip ospf hello-interval 10
ip ospf priority 0
no arp frame-relay
frame-relay interface-dlci 16
!
router ospf 10
router-id 155.100.33.3
log-adjacency-changes
area 1 authentication message-digest
network 155.100.13.0 0.0.0.255 area 1
network 155.100.33.3 0.0.0.0 area 1
network 155.100.100.0 0.0.0.255 area
.
.
This archive was generated by hypermail 2.1.4 : Fri Jan 17 2003 - 17:21:54 GMT-3