Thursday, August 20, 2015

OSPF Authentication


Case -1

Authentication types
Null     - No authentication (this still counts as an authentication type)
Plain text
MD5

Authentication is on a per-interface basis

Case -1 Plain-text  Authentication between R1-R3

R1 & R3 

router ospf 10
 area 0 authentication // Authentication enabled on a per-area basis //



R1(config)#int fa0/1

R1(config-if)#ip ospf authentication-key cisco

%OSPF-5-ADJCHG: Process 10, Nbr 39.1.4.1 on FastEthernet0/1 from FULL to DOWN, Neighbor Down: Dead timer expired

R3#
%OSPF-5-ADJCHG: Process 10, Nbr 1.1.1.1 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired

R3(config)#int fa0/0
R3(config-if)#ip ospf authentication-key cisco

%OSPF-5-ADJCHG: Process 10, Nbr 1.1.1.1 on FastEthernet0/0 from LOADING to FULL, Loading Done

Case -1B Plain-text  Authentication between R1-R3

router ospf 10
 no area 0 authentication // Authentication disabled on a per-area basis //

R1

%OSPF-5-ADJCHG: Process 10, Nbr 39.1.4.1 on FastEthernet0/1 from FULL to DOWN, Neighbor Down: Dead timer expired

R1(config)#int fa0/1
R1(config-if)#ip ospf authentication  // Authentication enabled on a per-interface basis //
R1(config-if)#ip ospf authentication-key cisco

R3
interface FastEthernet0/0

 ip ospf authentication
 ip ospf authentication-key cisco

On R1

FastEthernet0/1 is up, line protocol is up
  Internet Address 13.0.0.1/24, Area 0, Attached via Network Statement
  Process ID 10, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 10
  Topology-MTID    Cost    Disabled    Shutdown      Topology Name
        0           10        no          no            Base
  Transmit Delay is 1 sec, State BDR, Priority 1
  Designated Router (ID) 39.1.4.1, Interface address 13.0.0.3
  Backup Designated router (ID) 1.1.1.1, Interface address 13.0.0.1
  Flush timer for old DR LSA due in 00:01:44
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    Hello due in 00:00:08
  Supports Link-local Signaling (LLS)
  Cisco NSF helper support enabled
  IETF NSF helper support enabled
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 4
  Last flood scan time is 0 msec, maximum is 4 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 39.1.4.1  (Designated Router)
  Suppress hello for 0 neighbor(s)
  Simple password authentication enabled




Case -2 MD5 Authentication between R2-R5


On R2 & R5

key chain Test
 key 1
  key-string cisco
!
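int fa0/0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 Test // "Test" is the literal MD5 key string here; this command does not reference the key chain above //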


sh ip ospf int fa0/0
FastEthernet0/0 is up, line protocol is up
  Internet Address 25.0.0.2/24, Area 0, Attached via Network Statement
  Process ID 10, Router ID 2.2.2.2, Network Type BROADCAST, Cost: 10
  Topology-MTID    Cost    Disabled    Shutdown      Topology Name
  (output omitted)
    Adjacent with neighbor 55.5.5.5  (Designated Router)
  Suppress hello for 0 neighbor(s)
  Message digest authentication enabled
    Youngest key id is 1
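
The show output in both cases reports the effective authentication mode per interface, so it can be checked in bulk. The following is an added example, not part of the original post: a small Python audit that classifies each interface block as null, simple password or MD5. The first two sample blocks reuse lines shown above; the FastEthernet1/0 and Serial0/0 blocks, and the "No key configured" line, are constructed assumptions.

```python
# Constructed "show ip ospf interface" output. Blocks 1-2 reuse lines from this
# page; blocks 3-4 (no auth line, MD5 without a key) are assumed cases.
SAMPLE = """\
FastEthernet0/1 is up, line protocol is up
  Internet Address 13.0.0.1/24, Area 0, Attached via Network Statement
  Simple password authentication enabled
FastEthernet0/0 is up, line protocol is up
  Internet Address 25.0.0.2/24, Area 0, Attached via Network Statement
  Message digest authentication enabled
    Youngest key id is 1
FastEthernet1/0 is up, line protocol is up
  Internet Address 10.9.9.1/24, Area 0, Attached via Network Statement
Serial0/0 is up, line protocol is up
  Internet Address 10.8.8.1/30, Area 0, Attached via Network Statement
  Message digest authentication enabled
    No key configured, using default key id 0
"""

def audit(show_output):
    """Return {interface: (auth_mode, finding)} for each OSPF interface block."""
    results, name, block = {}, None, []

    def close():
        # Classify the block collected so far; no auth line means null auth.
        if name is None:
            return
        text = "\n".join(block)
        if "Message digest authentication enabled" in text:
            if "Youngest key id is" in text:
                results[name] = ("md5", "ok")
            else:
                results[name] = ("md5", "enabled but no key configured")
        elif "Simple password authentication enabled" in text:
            results[name] = ("simple", "password is sent in clear text")
        else:
            results[name] = ("null", "no authentication on this interface")

    for line in show_output.splitlines():
        if line and not line[0].isspace():   # unindented line starts a new interface
            close()
            name, block = line.split()[0], []
        else:
            block.append(line)
    close()
    return results

if __name__ == "__main__":
    for intf, (mode, finding) in audit(SAMPLE).items():
        print(f"{intf:18} {mode:7} {finding}")
```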


Case -2 MD5 Authentication between R2-R5 with multiple keys


