RE: ospf and link authentication.

From: MMoniz (ccie2002@tampabay.rr.com)
Date: Wed Jul 23 2003 - 21:47:26 GMT-3

• Next message: wwwjjang@chol.com: "Cat3550's Voice Vlan Question.."
• Previous message: Brian Dennis: "RE: ospf and link authentication."
• Maybe in reply to: John Smith: "ospf and link authentication."
• Next in thread: John Smith: "RE: ospf and link authentication."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Well, also on interface authentication, if it is a hub and spoke like
mentioned
there is no way to only authenticate one spoke to the hub, unless you have
seperate sub
interfaces to each spoke.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
asadovnikov
Sent: Wednesday, July 23, 2003 8:02 PM
To: 'ccie2be'; 'Group Study'; 'John Smith'
Subject: RE: ospf and link authentication.

I trust in 12.1T the authentication can be changed on interface level. Raj
statement is true for 12.0 though.

Best regards,
Alexei

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
ccie2be
Sent: Wednesday, July 23, 2003 4:20 PM
To: Group Study; John Smith
Subject: Re: ospf and link authentication.

Hey John,

The way I understand it, OSPF authen is on area basis which means that you
can't authen some links in an area but not others - if authen is turned on
for an area then all links must have authen. If I'm not 100% correct about
this, please somebody set me straight right away. Raj

----- Original Message -----
From: "John Smith" <c00per_omers1@yahoo.com>
To: <ccielab@groupstudy.com>
Sent: Wednesday, July 23, 2003 3:44 PM
Subject: ospf and link authentication.

> Ok I can authenticate any OSPF area with type 1 (cleartext) or type 2 (md5
hash). I can also authenticate my virtual link ...
>
> but lets say I have hub and spoke with 3 routers
>
> R1 is the hub and R2 and R3 are spokes off or R1 (R2 and R3 use R1 to get
to each other, so not full mesh). Lets call this area 0.
>
> Now assume that I don't want area 0 authentication but authentication
between R1 s0 and R3 s0, is there a doc somewhere on this or can anyone
explain the cmds?
>
> If it was area 0 authen, type 2, I'd do this, on all 3 routers gto ensure
same key throught area 0.
>
> R1 - int s0 - ip ospf message-digest-key 1 md5 cisco and then router
ospf 1 area 0 authent message-digest.
>
> So what do I do if I only want to authenticate between R1 s0 and R3 s0?
>
>
> Next question is lets say I'm not using a virtual-link but a gre tunnel,
how would I authenicate the tunnel?
>
>
>
> Regards,
>
>
>
> John
>
>
> ---------------------------------
> Do you Yahoo!?
> Yahoo! SiteBuilder - Free, easy-to-use web site design software
>
>
> _______________________________________________________________________
> You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: wwwjjang@chol.com: "Cat3550's Voice Vlan Question.."
• Previous message: Brian Dennis: "RE: ospf and link authentication."
• Maybe in reply to: John Smith: "ospf and link authentication."
• Next in thread: John Smith: "RE: ospf and link authentication."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:51 GMT-3