Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1091
Views
0
Helpful
5
Replies

OSPF MD5 Authentication on VPN Concentrator 3005

yinrong.qian
Level 1
Level 1

‎02-05-2005 08:50 PM - edited ‎02-20-2020 11:55 PM

hi,

I am trying to configure OSPF MD5 authentication between the private interface of VPN Concentrator 3005 and the internal router. The neigbor can not be established.

While using the simple text authentication or no authentication, then OSPF works fine.

How is the proper configuration to make OSPF MD5 authentication working on VPN concentrator?

Thanks,

Roger

0 Helpful
5 Replies 5

sstudsdahl
Level 4
Level 4

‎02-07-2005 08:56 AM

What version of software is your VPN concentrator running? Is your configured OSPF password for MD5 8 characters or less? In version 3.6 of the VPN concentrator software, you are only allowed to configure a password of 8 characters. In version 4.0, you are allowed to configure more than 8 characters, but the length of the password is still limited to a maximum of 8 characters. There is a bug referenced in the release notes of software version 4.1 that references this. The bug ID is CSCed78445.

Steve

0 Helpful

yinrong.qian
Level 1
Level 1
In response to sstudsdahl

‎02-07-2005 11:14 AM

Hi, Steve,

The version on my VPN concentrator is 4.1. And the password length in the testing scenario is only 5 characters.

Thanks,

Roger

0 Helpful

sstudsdahl
Level 4
Level 4
In response to yinrong.qian

‎02-07-2005 02:44 PM

Roger,

Can you provide the output from the "debug ip ospf adj" command from the router? (I'm assuming a Cisco router here.) In addition to the router debugs, can you provide the logs from the OSPF events from the VPN3000? These are not enabled by default and you will likely have to enable them. You can find this under Configuration > System > Events > Classes. Make sure that when you enable logging for OSPF that you set it to log severity values 1-5 for the specific method you will use to collect the logs.

Thanks

Steve

0 Helpful

yinrong.qian
Level 1
Level 1
In response to sstudsdahl

‎02-08-2005 12:39 AM

Hi, Steve,

I got this issue solved today from other forum. By adding the command "no capability lls" under the OSPF process on the router, the VPN concentrator can successfully establish the neighbor relationship with the router.

Some people say it is a bug on the VPN concentrator because it can not handle OSPF LLs when MD5 authentication is enabled.

I am not sure whether it is truly bug or not.

Any exaplanation on this?

0 Helpful

sstudsdahl
Level 4
Level 4
In response to yinrong.qian

‎02-08-2005 01:47 PM

Roger,

I am glad you got your issue resolved and thank you for sharing the solution with me.

I would have to agree that it is a bug just from the fact that when using clear text authentication, or not authentication at all, the VPN3000 will form a neighbor adjacency.

Steve

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card