09-26-2008 08:51 AM - edited 03-06-2019 01:37 AM
Hi guys. I`m being tasked to add OSPF authentication to all our devices that use OSPF. I did some research and I know how to do it. The thing is, I'm not sure how I could do it in a timely manner... Also, how can I tell which interface is in which OSPF process? When I do a show ip ospf, it lists the processes and tells me how many interfaces are in the process but doesn't tell me which ones.
Is there a way to enter the md5 password at the area level instead of at the interface level? That would be much quicker and easier for me.
Solved! Go to Solution.
09-26-2008 04:48 PM
Yes, on multilayer switches it is possible to use the "interface range" command similarly to this:
conf t
interface range Gig0/1 - 30
no switchport
ip ospf message-key 1 md5 xxxx
Cheers:
Istvan
09-26-2008 09:14 AM
Hi Chris,
Use the "show ip ospf interface serial1/0" type command to see which area the interface is attached to.
If you use the "show ip ospf interface", it will list all interfaces configured for OSPF.
I know only of interface level authentication as to the configuration of authentication keys.
Cheers:
Istvan
09-26-2008 10:36 AM
Thanks for your reply, Istvan, although it's a bit of a letdown since I have lots of interface to configure :( On our main switch I have 3 processes with about 30 interfaces. Is it possible to enter the "Ip ospf message-key 1 md5 password on an interface range?
09-26-2008 04:48 PM
Yes, on multilayer switches it is possible to use the "interface range" command similarly to this:
conf t
interface range Gig0/1 - 30
no switchport
ip ospf message-key 1 md5 xxxx
Cheers:
Istvan
09-29-2008 06:08 AM
Ok, thanks, I'll do more testing.
09-29-2008 09:15 AM
You may also want to remember to be careful when you apply the Md5 key: dont add any extra spaces on one side....sometimes that happens when you use Notepad to make sweeping config changes.
Thanks
Victor
09-29-2008 11:46 AM
Thanks, Victor, I will check to make sure there aren't any problems with the key. I did some tests and it seems I can set a key for an interface even though authentication is not set in the area. This simplifies my task since I'll just apply the command to a range of interfaces.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide