SOURCECODEBD.NET

Live Experience

10. CONFIGURING OSPF AUTHENTICATION

HOW TO OSPF AUTHENTICATION CONFIGURATION
 
Interface IP Address Configuration  
  
R1  
  
Interface  IP Address    Subnet Mask  
S0/2/0      1.1.1.1            255.0.0.0  
E 0           10.1.1.1          255.0.0.0  
  
R2  
  
Interface  IP Address    Subnet Mask 
 
S0            1.1.1.2            255.0.0.0  
E0            20.1.1.1          255.0.0.0  
  
  
Task 1  
  
All routers should Authenticate Routing updates using the simple password  
authentication method. Use a key-string of cisco123.   
  
R1  
  
Router ospf 1  
Network 1.1.1.1 0.0.0.0 area 0  
Network 10.0.0.0 0.255.255.255 area 0   
  
Int s 0/2/0  
Ip ospf authentication-key cisco123  
Ip ospf authentication
 
R2  
  
Router ospf 1  
Network 1.1.1.2 0.0.0.0 area 0  
Network 20.0.0.0 0.255.255.255 area 0   
  
Int s0  
Ip ospf authentication-key cisco123  
Ip ospf authentication  
  
Verification :  
  
R1#show ip ospf neighbor  
  
The output displays neighbor in full state.  
  
If there is a mismatch in the password, there will be no OSPF neighbor relationship  
established.  
  
R1#show ip route  
  
Simple authentication on R1 and R2, but different passwords:  
  
R1#debug ip ospf adj  
  
Simple authentication on R1, no authentication on R2:  
  
R1#debug ip ospf adj  
  
Authentication type. Input packet specified type 0, we use type 1  
  
R2#debug ip ospf adj  
 
 
Task 2  
 
(Scenario based on Task 1 )  
  
All routers should Authenticate Routing updates using the most secure authentication  
method. Use Key 1 with a key-string of cisco123. Do not use wide authentication.  
  
R1  
  
Router ospf 1  
Network 1.1.1.1 0.0.0.0 area 0  
Network 10.0.0.0 0.255.255.255 area 0   
  
Int S0/2/0  
Ip ospf message-digest-key 1 md5 cisco123  
Ip ospf authentication message-digest   
 
R2  
  
Router ospf 1  
Network 1.1.1.2 0.0.0.0 area 0  
Network 20.0.0.0 0.255.255.255 area 0   
  
Int S0  
Ip ospf message-digest-key 1 md5 cisco123  
Ip ospf authentication message-digest  
 
 
Verification :
 
R1#show ip ospf neighbor  
  
If there is mismatch in key or password, there will not be OSPF neighbor relationship  
established between the two routers.   
  
R1#show ip route  
  
MD5 authentication on R1, no authentication on R2:  
Authentication type. Input packet specified type 0, we use type 2 
You are here: Home / OSPF / HOW TO OSPF AUTHENTICATION CONFIGURATION