Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1977
Views
10
Helpful
2
Replies

NX-OS OSPF Key Chain authentication algorithms

Go to solution
bryantsteve
Level 1
Level 1

‎09-19-2017 08:53 AM - edited ‎03-08-2019 12:05 PM

In configuring OSPF key chain authentication on Nexus switch NX-OS 7.3.0 I need to specifiy the cryptologic algorithm ( needs to be hmac-sha-256), I have been unable to find a configuration option in the key chain sub menu. In XE-IOS cryptolographic-algorithmn <  > option  is available under the key chain <   > key <> in configuration mode. Does anyone know if/where this option is available in NX-OS 7.3.0?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Andrea Testino
Cisco Employee
Cisco Employee

‎09-20-2017 06:45 AM

Hi Bryan,

 

Is this a Nexus 5000/6000 you are trying to configure? I'm assuming so since you mentioned NX-OS 7.3(0) is your current software version.

 

Unfortunately, hmac-sha-256 is not supported as a cryptographic algorithm in this particular platform. Only MD5 and simple password are.

 

You can see this in the Nexus 5K/6K configuration guides:

 

"Authentication

You can configure authentication on OSPFv2 messages to prevent unauthorized or invalid routing updates in your network. Cisco NX-OS supports two authentication methods:

  • Simple password authentication
  • MD5 authentication digest"

Please let me know if by chance you meant a different platform other than N5K/N6K.

 

Hope that helps!

 

- Andrea

- Andrea, CCIE #56739 R&S

View solution in original post

2 Replies 2

Go to solution
Andrea Testino
Cisco Employee
Cisco Employee

‎09-20-2017 06:45 AM

Hi Bryan,

 

Is this a Nexus 5000/6000 you are trying to configure? I'm assuming so since you mentioned NX-OS 7.3(0) is your current software version.

 

Unfortunately, hmac-sha-256 is not supported as a cryptographic algorithm in this particular platform. Only MD5 and simple password are.

 

You can see this in the Nexus 5K/6K configuration guides:

 

"Authentication

You can configure authentication on OSPFv2 messages to prevent unauthorized or invalid routing updates in your network. Cisco NX-OS supports two authentication methods:

  • Simple password authentication
  • MD5 authentication digest"

Please let me know if by chance you meant a different platform other than N5K/N6K.

 

Hope that helps!

 

- Andrea

- Andrea, CCIE #56739 R&S

Go to solution
bryantsteve
Level 1
Level 1
In response to Andrea Testino

‎09-20-2017 07:40 AM

Andrea thank you for your reply Yes these are  Nexus 5000 switches, I do need to use key chain with  SHA 256 so hopefully there is another SW version that suppports this feature

0 Helpful
Customers Also Viewed These Support Documents