OSPF area 17 is exists between R1 fa0/0 and SW1 fa0/14. In this example i first introduce MD5 authentication and then plain text authentication.
To enable MD5 authentication
Router 1
int fa0/0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 CISCO
SW 1
int fa0/14
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 CISCO
To enable plain text authentication
Router 1
router ospf 1
area 17 authentication
int fa0/0
ip ospf authentication-key CISCO
SW1
router ospf 1
area 17 authentication
int fa0/14
ip ospf authentication-key CISCO
In both cases the verification is to check the neighbor adjanceny is established. Also execute a ‘show ip ospf interface’ to ensure that authentication is denoted as enabled and the authentication type is as expected.
To enable MD5 authentication
Router 1
int fa0/0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 CISCO
SW 1
int fa0/14
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 CISCO
To enable plain text authentication
Router 1
router ospf 1
area 17 authentication
int fa0/0
ip ospf authentication-key CISCO
SW1
router ospf 1
area 17 authentication
int fa0/14
ip ospf authentication-key CISCO
In both cases the verification is to check the neighbor adjanceny is established. Also execute a ‘show ip ospf interface’ to ensure that authentication is denoted as enabled and the authentication type is as expected.
The area x authentication command can be used either at the interface level or the global routing process level. If applied under the global routing process then, as expected, it applies to all interfaces in the specified area. This can be overidden by the interface level command, so allowing different authentication algorithms to co-exist in the same OSPF area.
No comments:
Post a Comment