RE: IS-IS MD5 Authentication o CSNP/PSNP

From: kumara.shunmugam@wipro.com
Date: Thu Aug 04 2005 - 12:00:09 GMT-3

• Next message: Adam S. Roth: "RE: CCO Password Reset"
• Previous message: gladston@br.ibm.com: "Re: Fwd: IPv6 Marking"
• Maybe in reply to: gladston@br.ibm.com: "IS-IS MD5 Authentication o CSNP/PSNP"
• Next in thread: gladston@br.ibm.com: "RE: IS-IS MD5 Authentication o CSNP/PSNP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

First go thru the attached URL , which explains ISIS legacy Plain text authentication methods and configutation...

 http://www.cisco.com/warp/public/97/isis_authent.html#areaauth

Once you are clear with above methods in ISIS ,you can think the second level of authentication which comes in a form of Md5 authentication . This advanced method also can be configured in interface-wise or to the whole ISIS process/instance in a router. While you configuring the authentication under instance, you can specify whether the authentication is carried only on Level-1 LSP/CSNP/PSNP or in Level-2 packets . This is similar like the OLD legacy Area password.. where in all the routers need the same password configured...

Regards
Shunmugam

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of gladston@br.ibm.com
Sent: Thursday, August 04, 2005 5:47 AM
To: ccielab@groupstudy.com
Subject: IS-IS MD5 Authentication o CSNP/PSNP

Hi,

Reading this doc confused me about how to enable MD5 authentication on CSNP/PSNP packets.

On the first part it made me think that configuring authentication on interface I would get CSNP/PSNP authentication.
Then, it shows an example saying that CSNMP/PSNP authentication is achieve with IS-IS instance authentication.

Any clarification appreciated.

==================================
quoted

The interface-related PDUs (LAN Hello, Serial Hello, CSNP, and PSNP) can be enabled
with authentication on different interfaces, with different levels and different passwords
.
.
.
The following example configures a key chain and key for IS-IS HMAC-MD5 authentication for Ethernet interface 3 (on Hello packets)
 and for the IS-IS instance (on LSP, CSNP, and PSNP packets):

http://www.cisco.com/en/US/products/sw/iosswrel/ps1612/products_feature_guide09186a0080080d10.html#1015440
============================================================================

• Next message: Adam S. Roth: "RE: CCO Password Reset"
• Previous message: gladston@br.ibm.com: "Re: Fwd: IPv6 Marking"
• Maybe in reply to: gladston@br.ibm.com: "IS-IS MD5 Authentication o CSNP/PSNP"
• Next in thread: gladston@br.ibm.com: "RE: IS-IS MD5 Authentication o CSNP/PSNP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:01:18 GMT-3