From: wwwjjang@chol.com
Date: Mon Aug 11 2003 - 23:05:21 GMT-3
Hi..Everyone
When i config a OSPF's interface Authenticaion ,
it don't work well !!
Please help me..
---------
Question
----------
- R5(S 1.1 multipoint),R1(S1) & R6(S1) is connected with a FR-network
& covered with a OSPF area 0 & in a same subnet
- Configure the strongest form of authentication on R1 & R6 across
the frame network
- Ensure that the authentication passwords on R1 & R6 are different.
use a 'test1' on R1 and 'test2' on R6.
-OSPF's Router ID is 133.10.x.x (x= the # of router)
(ex R1's id= 133.10.1.1)
-----------
My answer
-----------
R5>
---- interface Serial1.1 multipoint ip address 133.10.156.5 255.255.255.0 ip ospf authentication message-digest ** ip ospf message-digest-key 1 md5 password1 ** ip ospf message-digest-key 2 md5 password6 ** frame-relay map ip 133.10.156.1 501 broadcast frame-relay map ip 133.10.156.6 506 broadcast ----- R1> ----- interface Serial0 ip address 133.10.156.1 255.255.255.0 encapsulation frame-relay ip ospf authentication message-digest ** ip ospf message-digest-key 1 md5 password1 ** ip ospf priority 0 frame-relay map ip 133.10.156.5 105 broadcast frame-relay map ip 133.10.156.6 105 broadcast no frame-relay inverse-arp frame-relay lmi-type ansi ---- R6> ----- interface Serial1 ip address 133.10.156.6 255.255.255.0 encapsulation frame-relay ip ospf authentication message-digest ** ip ospf message-digest-key 2 md5 password6 ** ip ospf priority 0 frame-relay map ip 133.10.156.1 605 broadcast frame-relay map ip 133.10.156.5 605 broadcast no frame-relay inverse-arp frame-relay lmi-type ansi=> But the neighbor relationship between R5 & R1 is not established !! (R5 & R6's is established !!) R5#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface 133.10.6.6 0 FULL/DROTHER 00:01:49 133.10.156.6 Serial1.1 N/A 0 ATTEMPT/DROTHER - 133.10.156.1 Serial1.1
=>Fitst, When i remove the R5-R6's authentication, the Neighbor relation is between R5 & R1 established (it's trivial)
R5(config)#interface Serial1.1 multipoint R5(config-subif)#no ip ospf message-digest-key 2 md5 password6 00:26:55: %OSPF-5-ADJCHG: Process 1, Nbr 133.10.1.1 on Serial1.1 from LOADING to FULL, Loading Done
=> Second, When i add a the R5-R6's authentication, the Neighbor relation is between R5 & R6 established
R5(config)#interface Serial1.1 multipoint R5(config-subif)#ip ospf message-digest-key 2 md5 password6
00:30:29: %OSPF-5-ADJCHG: Process 1, Nbr 133.10.6.6 on Serial1.1 from LOADING to FULL, Loading Done
=> the ospf neighboring between R5 & R1, R5 & R6 are established !!!
R5#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface 133.10.1.1 0 FULL/DROTHER 00:01:34 133.10.156.1 Serial1.1 133.10.6.6 0 FULL/DROTHER 00:01:52 133.10.156.6 Serial1.1
=>what the reason of this situation !!! who know the reason, Help me !!!!
Thanks .
This archive was generated by hypermail 2.1.4 : Tue Sep 02 2003 - 18:53:57 GMT-3