From: William Lijewski (ccie8642@hotmail.com)
Date: Fri Jul 25 2003 - 13:21:05 GMT-3
The Virtual Link is using a 'NULL' password since there isn't one
configured. Use the command 'show ip ospf virtual-link' on each router and
take a look at the last line. You should add the authentication-key to the
virtual-link on both sides so it uses the same password as the rest of area
0 since the virtual-link is an extension of area 0.
Bill Lijewski
CCIE #8642
>From: "ccie2be" <ccie2be@nyc.rr.com>
>Reply-To: "ccie2be" <ccie2be@nyc.rr.com>
>To: "Group Study" <ccielab@groupstudy.com>
>Subject: Unexpected ospf authentication behavior
>Date: Fri, 25 Jul 2003 10:40:44 -0400
>
>Hi,
>
>I got authentication to work where I expected it wouldn't. Here's the
>setup:
>
>
>R3 area0 R1 area1 R5 area 5
>
>
>Area 0 has simple authen enabled and there's a virtual link between R1 and
>R5
>and R1 & R5 share an Ethernet.
>
>Here are portions of the configs of R1 and R5
>
>R1
>
>router os 1
>area 0 authen
>area 1 virtual-link 192.168.5.5
>
>(Interfaces in Area0 include the command, " ip os authentication-key 0
>ccie")
>
>R5
>
>router os 1
>area 0 authen
>area 1 virtual-link 192.168.1.1
>
>Except, for area 0 authen, as seen above, no other authentication commands
>were used on R5. Therefore, R5 has no knowledge of the area 0 password,
>ccie,
>but routes in area 5 are still seen on R1. I expected I would have had to
>add
>additional commands to R1 and R5 to specify the area 0 password, but I
>didn't
>have to. All routers are running IOS 12.1.
>
>Is this suppose to work this way? Or, is this some sort of anomoly?
>
>Thanks, Raj
>
>
>_______________________________________________________________________
>You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
>
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:53 GMT-3