set authentication on an interface on router ospf

ciscomoderator · ‎11-10-2010

Hi,

We received this question from our CSC Facebook community

http://www.facebook.com/CiscoSupportCommunity

Arshia Enayati I need help.....
how I can set authentication on an interface on router ospf (area 0) not whole interfaces on area...

Mahesh Gohil · ‎11-10-2010

Hi,

Below is the process by which you can enable authentication on interface..same process to be repeated on far end also

interface GigabitEthernet3/0
ip address 100.100.100.1 255.255.255.252
ip ospf authentication-key cisco123
negotiation auto

interface GigabitEthernet1/0
ip address 125.62.167.1 255.255.255.252
ip ospf authentication null
negotiation auto

router ospf 100
log-adjacency-changes
area 0 authentication message-digest
network 100.100.100.0 0.0.0.3 area 0
network 125.62.167.0 0.0.0.3 area 0

but this way gig1/0 (every interface that is part of area 0) will also pass through authentication process and it will fail to estlablish adjacency. To bypass that interface you need to have below command on interface level.." ip ospf authentication null"

interface GigabitEthernet1/0
ip address 125.62.167.1 255.255.255.252
ip ospf authentication null
negotiation auto

hope this is helpful

Regards

Mahesh

Atif Awan · ‎11-10-2010

The precise answer to the question would be to configure the following under the interface:

interface

ip ospf message-digest-key 1 md5

ip ospf authentication message-digest

This will enable md5 authentication only on the desired interface and not the entire area.

Atif