OSPF Authentication

From: Dave Stoddard (dstoddard@thrupoint.net)
Date: Tue Sep 24 2002 - 14:58:30 GMT-3

• Next message: Larson, Chris: "RE: NAT oh NAt (part deux)"
• Previous message: George E Lampro Super Genius: "RE:"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I sent this question yesterday, but I didn't see that it made it to the
list. So sorry if somehow this makes it to the list twice.

1> I have the following configuration (only a portion shown) & everything is
working fine. The specific requirement I'm working on is MD5 authentication
in area 1. What I don't understand is that when I issue the show ip ospf
interface command it shows "Message digest authentication enabled", but "No
key configured, using default key id 0". Why does it show no key
configured?

2> When the lab asks to use MD5 authentication, does it matter encryption
type, i.e. "<0-7> Encryption type (0 for not yet encrypted, 7 for
proprietary)"?

interface Serial0/0.4 multipoint
 ip address 135.3.12.4 255.255.255.248
 ip ospf authentication message-digest
 ip ospf authentication-key 6 secure
 ip ospf network non-broadcast
 frame-relay map ip 135.3.12.3 300 broadcast
 frame-relay map ip 135.3.12.4 401 broadcast
 frame-relay map ip 135.3.12.6 401 broadcast
 no frame-relay inverse-arp
!
router ospf 100
 router-id 135.3.4.4
 log-adjacency-changes
 area 0 authentication
 area 1 authentication message-digest
 area 1 virtual-link 135.3.6.6 authentication message-digest
authentication-key 6 secure
 area 1 virtual-link 135.3.3.3 authentication message-digest
authentication-key 6 secure
 passive-interface Ethernet0/0
 passive-interface Serial0/1
 network 135.3.4.0 0.0.0.255 area 1
 network 135.3.12.0 0.0.0.7 area 1
 network 135.3.28.0 0.0.0.255 area 0
 neighbor 135.3.12.3
 neighbor 135.3.12.6

**********************

r4#sh ip ospf int
Serial0/0.4 is up, line protocol is up
  Internet Address 135.3.12.4/29, Area 1
  Process ID 100, Router ID 135.3.4.4, Network Type NON_BROADCAST, Cost: 64
  Transmit Delay is 1 sec, State DR, Priority 1
  Designated Router (ID) r4, Interface address 135.3.12.4
  No backup designated router on this network
  Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
    Hello due in 00:00:06
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 4
  Last flood scan time is 0 msec, maximum is 4 msec
  Neighbor Count is 2, Adjacent neighbor count is 2
    Adjacent with neighbor r3
    Adjacent with neighbor r6
  Suppress hello for 0 neighbor(s)
  Message digest authentication enabled
      No key configured, using default key id 0

• Next message: Larson, Chris: "RE: NAT oh NAt (part deux)"
• Previous message: George E Lampro Super Genius: "RE:"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Oct 07 2002 - 07:44:01 GMT-3