Cisco

Cisco - OSPF_Authentication

Situation

# OSPF建立neighbor加上認證機制
OSPF neighbor establishment requires an authentication mechanism.

Configuration - Key chain

[R1]
conf t
  router ospf 1
    router-id 1.1.1.1

  key chain "NAME"
    key 1
      key-string "KEY_STRING"
      cryptographic-algorithm hmac-sha-256
  
  interface ether 0/1
    ip address 10.1.1.1 255.255.255.0
    ip ospf authentication key-chain "NAME"
    ip ospf 1 area 0

[R2]
conf t
  router ospf 1
    router-id 2.2.2.2

  key chain "NAME"
    key 1
      key-string "KEY_STRING"
      cryptographic-algorithm hmac-sha-256
  
  interface ether 0/1
    ip address 10.1.2.1 255.255.255.0
    ip ospf authentication key-chain "NAME"
    ip ospf 1 area 0

Configuration - MD5

[R1]
conf t
  router ospf 1
    router-id 1.1.1.1
  
  interface ether 0/1
    ip address 10.1.1.1 255.255.255.0
    ip ospf authentication message-digest
    ip ospf message-digest-key 1 md5 "KEY_STRING"
    ip ospf 1 area 0

[R2]
conf t
  router ospf 1
    router-id 2.2.2.2

  interface ether 0/1
    ip address 10.1.2.1 255.255.255.0
    ip ospf authentication message-digest
    ip ospf message-digest-key 1 md5 "KEY_STRING"
    ip ospf 1 area 0

Check

# 檢查neighbor
show ip ospf neighbor

# 檢查密碼,小心空白
show key chain