
Configuring and Verifying OSPF Authentication

Implementing a Scalable Multiarea Network OSPF-Based Solution

2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.03-1


OSPF Authentication Types
OSPF supports two types of authentication:
Simple password (or plaintext) authentication
MD5 authentication
When authentication is configured, the router generates and checks every OSPF packet.
The source of each routing update packet received is authenticated.
Each participating neighbor must have the same key (password) configured.



Configure Simple Password Authentication for OSPF
R1(config-if)#ip ospf authentication-key mykey
This command defines a password to be used with a neighboring router.
The neighboring router must have the same password configured.
R1(config-if)#ip ospf authentication
OR
R1(config-router)#area 0 authentication
Specifies the authentication type for an interface or the authentication type for an area.



Simple Password Authentication Configuration Example



Simple Password Authentication Configuration for Virtual Links



Verifying Simple Password Authentication



Configure OSPF MD5 Authentication
R1(config-if)#ip ospf message-digest-key 1 md5 mysecretkey
Defines a key ID and key to be used with a neighboring router.
The neighboring router must have the same combination of key ID and key configured.
R1(config-if)#ip ospf authentication message-digest
OR
R1(config-router)#area 0 authentication message-digest
Specifies the authentication type for an interface or the authentication type for an area.



OSPF MD5 Authentication Configuration Example



Verifying MD5 Authentication



Authentication Verification
Problems include the following:
Authentication problems:
Authentication is not configured on both sides.
A different authentication type is configured on either side.
Different passwords are configured on either side.
R1#debug ip ospf adj

This command displays the OSPF adjacency-related events.



Successful Simple Password Authentication Verification
Authentication is configured correctly



Troubleshooting Simple Password Authentication Problems
Simple authentication is not configured on router R2

Different keys on routers R1 and R2



Successful MD5 Authentication Verification
Authentication is configured correctly



Troubleshooting MD5 Authentication Problems
MD5 authentication configured on both routers
Router R1 has key 1 and router R2 has key 2, both with the same passwords:



Summary
When authentication is configured, the router generates and checks every OSPF packet and authenticates the source of each routing update packet that it receives. OSPF supports two types of authentication:
Simple password (or plaintext) authentication: The router sends an OSPF packet and key.
MD5 authentication: The router generates a message digest, or hash, of the key, key ID, and message. The message digest is sent with the packet; the key is not sent.
To configure simple password authentication, use the ip ospf authentication-key password command and the ip ospf authentication command.



Summary (Cont.)
To configure MD5 authentication, use the ip ospf message-digest-key key-id md5 key command and the ip ospf authentication message-digest command.
Use the show ip ospf neighbor, show ip route, ping, and debug ip ospf adj commands to verify and troubleshoot both types of authentication. With MD5 authentication, the debug ip ospf adj command output indicates the key ID sent.
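
Added example, not part of the original slides and not Cisco's code: a Python sketch of OSPFv2 cryptographic (MD5) authentication as laid out in RFC 2328 Appendix D, showing that the digest travels with the packet while the key does not, and why the mismatches listed on the troubleshooting slides are rejected. The packet body, router ID, sequence number and the returned status strings are constructed for illustration, and zero-padding of short keys to 16 bytes is assumed.

```python
import hashlib
import hmac
import struct

AUTYPE_NULL, AUTYPE_SIMPLE, AUTYPE_MD5 = 0, 1, 2
# 24-byte OSPFv2 header; with AuType 2 the last 8 bytes are 0, key ID, digest length, sequence
HDR = struct.Struct("!BBH4s4sHHHBBI")


def pad_key(key: bytes) -> bytes:
    """Assumption: keys shorter than 16 bytes are padded with trailing zeros."""
    return key.ljust(16, b"\0")


def build_md5_packet(body: bytes, key_id: int, key: bytes, seq: int) -> bytes:
    """Return header + body + 16-byte digest; the key itself is never included."""
    header = HDR.pack(2, 1, HDR.size + len(body),      # version 2, type 1 (Hello)
                      bytes([10, 0, 0, 1]), bytes(4),  # constructed router ID, area 0
                      0, AUTYPE_MD5,                   # checksum is not used with AuType 2
                      0, key_id, 16, seq)              # key ID, digest length, sequence
    packet = header + body
    return packet + hashlib.md5(packet + pad_key(key)).digest()


def verify(packet: bytes, local_autype: int, local_keys: dict) -> str:
    """Receiver-side check; local_keys maps key ID -> key. Replay (sequence) check omitted."""
    (_, _, length, _, _, _, autype, _, key_id, dlen, _) = HDR.unpack_from(packet)
    if autype != local_autype:
        return "mismatched authentication type"
    if autype != AUTYPE_MD5:
        return "not handled in this example"
    if key_id not in local_keys:
        return f"no message digest key {key_id} configured"
    signed, digest = packet[:length], packet[length:length + dlen]
    expected = hashlib.md5(signed + pad_key(local_keys[key_id])).digest()
    if not hmac.compare_digest(digest, expected):
        return "digest mismatch"
    return "ok"


# Constructed sample: R1 sends with key ID 1 and the key from the configuration slide.
BODY = b"constructed hello body"
R1_PACKET = build_md5_packet(BODY, key_id=1, key=b"mysecretkey", seq=1)
```

Calling verify(R1_PACKET, AUTYPE_MD5, {2: b"mysecretkey"}) reproduces the last troubleshooting case: the password matches, but the receiver has no key with ID 1, so the packet is rejected before any digest is compared.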



