From: Jason Morris (mcnever@gmail.com)
Date: Fri Dec 12 2008 - 19:19:12 ARST
As i understand it, the 'area 1 virtual link 1.1.1.1 authentication
message-digest' command is required if you haven't entered the command
'Area 1 authentication message-digest'.
You can force every link in an area to require authentication
(including virtual links) by using the 'area authentication' command
or you can force each individual link to authenticate using the 'ip
ospf authentication' command in interface config mode. I've always
equated the 'area 1 virtual link 1.1.1.1 authentication
message-digest' command as being the equivalent of the 'ip ospf
authen' command, just for a virtual link and not an interface....
at least thats how i understand it... (waiting for router god to correct me)
On Fri, Dec 12, 2008 at 1:59 PM, antonygrooves <antonygrooves@gmail.com> wrote:
> Hi Guys.
> I would like to know which is the best way to configure authentication in
> OSPF if i have to configure it on area 0 and for virtual links in a transit
> area.
>
> R1 in area 0 and area 1
> R2 in area 1 and area 2
>
>
> Is this correct.
> R1
> Under Ospf
> Area 0 authentication message-digest.
>
> Interface
> ip ospf message-digest 1 md5 cisco
>
>
> area 1 virtual link 1.1.1.1 authentication message-digest
> area 1 virtual link 1.1.1.1 message-digest 1 md5 cisco
>
>
> R2
> Area 1 virtual-link 1.1.2.2 authentication message-digest
> area 1 virtual-link 1.1.2.2 message-digest 1 md5 cisco
>
>
> I'm not sure if its correct to repeat in R1 for the virtual link
> authentication message-digest again or just by doing it for the backbone
> area its enough.
>
> I appreciate any help on this.
>
> Tony.
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Thu Jan 01 2009 - 12:53:08 ARST