03-13-2024 11:45 PM
I have isr 8300 series at each site user wants to use AES encryption for without creating ipsec. Actually user is using ospf for multiple stations.
Please any one help me out from this issue.
03-14-2024 02:04 AM
The requirement was not clear - you like to use OSPF with AES encryption.
what IOS Xe code running on it. ?
provide other end sample configuration for us to understand the environment.
03-14-2024 02:14 AM
Yes, I need AES encryption with ospf.
Is it possible ?
03-14-2024 02:26 AM
what IOS Xe code running on it. ?
provide other end sample configuration for us to understand the environment.
03-15-2024 12:28 AM - edited 03-21-2024 04:00 AM
Hi balaji.bandi sorry for late response.
IOS versions :- 17.06.03a.SPA.bin and I don't have any configuration. I can share the network diag only.
03-21-2024 04:02 AM
Hi Team,
Please share the configuration of the above network.
Thank you.
03-14-2024 02:36 AM
Its very important to know the version, but this is a general method:
1 - Configure OSPF with the "ip ospf authentication" command.
2 - Specify the authentication type as "ip ospf authentication message-digest".
3 - Set the encryption algorithm to AES by adding the "ip ospf message-digest-key" command with the desired key-id and encryption type as "md5 0 AES <password>".
03-14-2024 04:34 AM - edited 03-14-2024 04:41 AM
OSPFv3 with IPv6 is only support auth other OSPFv2 is support only plain text or MD5 hash
MHM
03-14-2024 09:31 AM
If you want the OSPF communication between peers encrypted using AES then your options are using MACSec or IPSec.
If you were referring to authentication, then OSPF supports authentication of the messages between the peer devices using either MD5 or SHA (SHA1, SHA256, SHA384 or SHA512) or plaintext.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide