Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1733
Views
12
Helpful
5
Replies

OSPF authentication

chinpohpang851
Level 1
Level 1

‎11-02-2015 05:22 PM - edited ‎03-08-2019 02:32 AM

I'm not quite sure the diffferences of these 2 commands.

 

# ip ospf authentication  (on interface)

# area 1 authentication   ( on area)

Labels:
0 Helpful
5 Replies 5

Reza Sharifi
Hall of Fame
Hall of Fame

‎11-02-2015 06:41 PM

The first one turns on authenticatin for one an interface only and the second one for a whole area.

HTH

0 Helpful

chinpohpang851
Level 1
Level 1
In response to Reza Sharifi

‎11-02-2015 07:19 PM

but i tried the second area command it saids..  

Message digest authentication enabled

No key configured, using default key id 0

I'll still need to use #ip ospf authentication-key to create the key?

Just another question, Area 0 is regarded as Backbone area?

 

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to chinpohpang851

‎11-02-2015 07:33 PM

Yes, have a look at this example:

http://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13697-25.html

Correct, area 0 is also called the backbone area.

HTH

paul driver
VIP
VIP
In response to chinpohpang851

‎11-03-2015 12:22 AM

Hello

Yes area 0 is regarded as the Backbone.

Ospf authentication  2 ways 
Global  = plain text or MD5 (router mode )
Interface = plain text or MD5

Router mode - By default enabled on all ospf interfaces but no key string is defined on the interfaces unless you wish to apply one then a key string  needs to be applied at a per interface basis

router ospf 1
area X authentication  ( message-digest- MD5)

int x/x
ip ospf authentication-key xxx ( Plain authentication)
ip ospf message-digest-key 1 md5 xxx (MD5 authentication )

if you wish NOT to run ospf authentication on a interface

int x/x
ip ospf authentication null


Interface Mode - enabled directly under the interface for which authentication is required

int x/x
ip ospf authentication (message-digest)
ip ospf authentication-key xxx ( Plain authentication)
ip ospf message-digest-key 1 md5 xxx (MD5 authentication )

sh ip ospf interface x/x | in authen

res

Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Ganesh Hariharan
VIP Alumni
VIP Alumni

‎11-03-2015 08:55 AM

Hello,

As stated by others ,  The area authentication command in the configuration enables authentication for all the interfaces of the router in a particular area. If you want to configure plain text authentication for an interface then use  ip ospf authentication.

And Yes area 0 is backbone are in OSPF domain / network.

Hope it Helps..

-GI

Rate if it Helps

Customers Also Viewed These Support Documents
Top