From: Anthony Sequeira (terry.francona@gmail.com)
Date: Sun Jan 09 2005 - 04:18:48 GMT-3
Hi all!
I think I have stumbled upon something while playing with
authentication in OSPF. Pardon me if this is really old news.
Call me crazy - but I never want (or seem to need) to use the area x
authentication command again!
In order to configure either Type 1 or Type 2 authentication between
peers - simply do the following on INTERFACES:
Type 1 Exampe:
ip ospf authentication
ip ospf authentication-key cisco
Type 2 Example:
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
I am thinking about making these methods my new best practices - I
found it more quick to configure this way - and I also found that it
eliminated the need for additional manipulation of virtual links......
Comments?????
One potential issue that I see is that if Cisco says in the lab that
you must authenticate in area 0 - and you do it using this method -
and you have virtual links - you are not truly meeting the requirement
since there is not authentication on the virtual link which is part of
area 0.
This archive was generated by hypermail 2.1.4 : Wed Feb 02 2005 - 22:10:20 GMT-3