Re: OSPF AUTHENTICATION

From: shiran guez (shiranp3@gmail.com)
Date: Sun Mar 02 2008 - 14:06:07 ARST

• Next message: Andy Alves: "RE: OSPF AUTHENTICATION"
• Previous message: Tandou Mohamed: "RE: OSPF AUTHENTICATION"
• Maybe in reply to: Tandou Mohamed: "OSPF AUTHENTICATION"
• Next in thread: Andy Alves: "RE: OSPF AUTHENTICATION"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Rik

That is not correct, there is a misconception that Area Authentication in
OSPF is really for the entire Area, it is not.
the Authentication is per link the type of the Authentication is per Area in
Cisco but it is not a must requirement according to the RFC.

you must specify in the configuration Authentication parameters on each link
you want to authenticate other wise it is null authentication.

3 types of Authentication in OSPF

null - the default what every one know as no authentication but actually it
is so considered authentication
simple - clear text authentication
digest - the hash method in cisco using md5 but also according to the RFC
you can select what you want to use as digest.

Cisco OSPF Authentication

when you want to authenticate a virtual link or any other interface you must
specify it, there is no global command, the only thing that you can set
global for an area under the router ospf is the method (null,simple,digest)
but other then null you will need to specify on the interface or virtual
link the key's (passwords you will use) so the global area authentication is
the one that create the confusion

On Sun, Mar 2, 2008 at 5:53 PM, Rik Guyler <rik@guyler.net> wrote:

> A virtual link is considered part of area 0 so if you are running
> authentication on the entire area or the lnk into area 0 then you do need
> the authentication.
>
> Rik
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Tandou Mohamed
> Sent: Sunday, March 02, 2008 10:18 AM
> To: Cisco certification
> Subject: OSPF AUTHENTICATION
>
> Hello GS,
> is this config below is ok? or don't need to configure area 41
> authentication message-digest
>
> Thanks
>
> router ospf 1
> router-id 150.150.6.6
> log-adjacency-changes
> area 0 authentication message-digest
> area 41 authentication message-digest
> area 41 virtual-link 9.9.2.2 message-digest-key 1 md5 cisco
>
> Mohamed
>
>
>
> ---------------------------------
> Never miss a thing. Make Yahoo your homepage.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>

-- 
Shiran Guez
MCSE CCNP NCE1
http://cciep3.blogspot.com
http://www.linkedin.com/in/cciep3

• Next message: Andy Alves: "RE: OSPF AUTHENTICATION"
• Previous message: Tandou Mohamed: "RE: OSPF AUTHENTICATION"
• Maybe in reply to: Tandou Mohamed: "OSPF AUTHENTICATION"
• Next in thread: Andy Alves: "RE: OSPF AUTHENTICATION"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Apr 01 2008 - 07:53:51 ART