From: Gustavo Novais (gustavo.novais@novabase.pt)
Date: Fri May 26 2006 - 09:30:12 ART
Hi,
The problem here is that specifying ip ospf authentication under the
interface only says that the interface is using plain-text
authentication.
If you wish to force md5 encrypted auth - ip ospf authentication
message-digest.
On your current situation, you then specify a message digest key, that
is completely irrelevant, because you've just instructed the router to
use plain text auth, with no plain text key! That's why you are being
able to authenticate.
Doing a deb ip ospf auth should enlighten you a bit more.
Link to command reference :
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/
iprrp_r/ip2_i1g.htm#wp1082511
HTH.
Gustavo Novais
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Faryar Zabihi (fzabihi)
Sent: Thursday, May 25, 2006 11:03 PM
To: James Simons; Cisco certification
Subject: RE: ospf authentication methods
You are not using the CISCO password. You can change the password to
something else on one side and still form adj. and exchange routes. The
password is set to null(I think thats the default) on both sides.
I have been wrong before,
Faryar
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
James Simons
Sent: Thursday, May 25, 2006 10:04 PM
To: Cisco certification
Subject: ospf authentication methods
hello all,
I have a wierd question. Recently, I was configuring ospf
authentication on an area. I used the usual commands but I used one for
md5 authentication (ip ospf message-digest-key) and one that is used for
clear text (ip ospf authentication)...and it still worked! Any thoughts
to why? I tried debuging the packets and the ospf events but I couldn't
see anything shed any light.
the commands:
R1 and R2:
interface fa0/0
ip ospf authentication
ip ospf message-digest-key 1 md5 CISCO
cheers,
Jimmy
This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:22 ART