GroupStudy.com - CCIE, CCNA, CCNP and other Cisco Certifications

Home

BookStore

StudyNotes

Links

[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]

Subject: RE: OSPF MD5 authentication
From: "Tom Thomas" <tothomas@xxxxxxxxx>
Date: Thu, 31 Dec 1998 09:22:15 -0500
Importance: Normal
In-reply-to: <3.0.3.32.19981231070953.0069d7d8@pop.mindspring.com>

Make sure you also turn on authentication, with the same password on the
other routers for the links. Otherwise the router ospf process will look for
the password in the lsa's coming not see it and discard the lsa as not valid
and the reverse is true a router receives the lsa that has authentication
turned on but the receiving router does not so it is not understood and
discarded.

For example

<router A> ---------- <router b>


You turn authentication for router a, you must also do the same for router
b.

Tom




-----Original Message-----
From: nobody@xxxxxxxxxxxxxx [mailto:nobody@xxxxxxxxxxxxxx]On Behalf Of
Richard Kullmann
Sent: Thursday, December 31, 1998 7:10 AM
To: Steve; Tom Thomas; Todd Lammle; cisco@xxxxxxxxxxxxxx
Subject: Re: OSPF MD5 authentication


There are two steps to enabling authentication for OSPF.  First you set up
the authentication on each interface ("ip ospf message-digest-key 1 md5
steve"), then you have to tell OSPF your intentions.  To do the second part
you need to get in the Routing Protocol Configuration Mode and turn on
authentication for the protocol.

ex.  Router#config t
     Router(config)#router ospf 1
     Router(config-router)#area 0 authentication message-digest

I hope this helps.

Rich


At 04:42 PM 12/30/98 -0500, Steve wrote:
>I configured OSPF with no authentication,  everything works and I saw all
>routes.  I inserted "ip ospf message-digest-key 1 md5 steve" under s1 on
one
>router,  I still get all ospf routes from other routers(after several
>reload).  Should I not to
>receive ospf routes because of authentication?   what is not working here?
>any ospf expert?
>
>Thanks in advance!
>
>Steve
>====================================================
>interface Serial0
>ip address 150.100.15.2 255.255.255.252
>clockrate 1000000
>!
>interface Serial1
>ip address 150.100.10.2 255.255.255.0
>encapsulation frame-relay
>ip ospf message-digest-key 1 md5 steve
>ip ospf network point-to-multipoint
>clockrate 1000000
>frame-relay map ip 150.100.10.1 201 broadcast
>frame-relay map ip 150.100.10.3 201 broadcast
>no frame-relay inverse-arp IP 203
>!
>router ospf 1
>network 150.100.10.0 0.0.0.255 area 0
>network 150.100.15.0 0.0.0.3 area 3
>network 150.100.24.16 0.0.0.15 area 11
>network 150.100.24.32 0.0.0.15 area 11
>!
>no ip classless
>ip ospf name-lookup
>
>
>---------------------
>To remove your name from the mailing list send a message to
Majordomo@xxxxxxxxxxxxxx with the body containing "UNSUBSCRIBE CISCO"
>
---------------------
To remove your name from the mailing list send a message to
Majordomo@xxxxxxxxxxxxxx with the body containing "UNSUBSCRIBE CISCO"

---------------------
To remove your name from the mailing list send a message to Majordomo@xxxxxxxxxxxxxx with the body containing "UNSUBSCRIBE CISCO"

References:
- Re: OSPF MD5 authentication
  - From: Richard Kullmann

Prev by Date: RE: Are 25XX sufficient as home lab?
Next by Date: RE: anyone subscribe ccieprep.com or ciscotests.com ccie page?
Previous by thread: Re: OSPF MD5 authentication
Next by thread: Pulling Serial Numbers remotely
Index(es):
- Date
- Thread