PG1X WIKI

My Knowledge Base

User Tools

Site Tools


tech:network:cisco:ospf:area-authentication:area-authentication

Cisco: OSPF Area Authentication

Lab 1: a37028dd-7f55-43c3-b132-654db0f817a0

Topology

Base Configuration

Common Configuration Snippet

R1

R2

R3

Configuring OSPF w/ Area Authentication f39fd7c0-de2c-48b4-b20a-ac2dae2d35f7

  • R1
configure terminal
!
interface GigabitEthernet 0/1
 ip ospf authentication-key PG1X
!
router ospf 1
 area 10 authentication
 router-id 1.1.1.1
 network 10.1.1.1 0.0.0.0 area 10
 network 10.1.2.1 0.0.0.0 area 10
 network 1.1.1.1 0.0.0.0 area 10
 passive-interface GigabitEthernet 0/2
exit
!
end
  • R2
configure terminal
!
interface GigabitEthernet 0/1
 ip ospf message-digest-key 1 md5 SuperSECRET
interface GigabitEthernet 0/2
 ip ospf authentication-key PG1X
!
router ospf 1
 area 10 authentication
 area 0 authentication message-digest
 router-id 2.2.2.2
 network 10.1.2.2 0.0.0.0 area 10
 network 10.2.3.2 0.0.0.0 area 0
 network 2.2.2.2 0.0.0.0 area 0
exit
!
end
  • R3
configure terminal
!
interface GigabitEthernet 0/2
 ip ospf message-digest-key 1 md5 SuperSECRET
!
router ospf 1
 area 0 authentication
 router-id 3.3.3.3
 network 10.2.3.3 0.0.0.0 area 0
 network 10.3.3.3 0.0.0.0 area 0
 network 3.3.3.3 0.0.0.0 area 0
 passive-interface GigabitEthernet 0/1
exit
!
end

Verification

  • Wireshark Display Filter
ospf
R1(config-if)#ip ospf authentication-key AuthenticateMe
% OSPF: Warning: The password/key will be truncated to 8 characters

R1 Console Log

R2 Console Log

R3 Console Log

Wireshark Packet Capture Result on R2

Lab 2: OSPF w/ Area Authentication w/ different password by neighbors 26c5211a-06b3-4ae5-808b-90a6614677cd

Topology

Base Configuration

Common Configuration Snippet

R1

R2

R3

Configuring OSPF w/ Area Authentication w/ different password by neighbors 52cea8bf-726b-43d9-ab52-c3f216478a8a

  • R1
configure terminal
!
interface GigabitEthernet 0/1
 ip ospf message-digest-key 1 md5 R1-R2-secret
interface GigabitEthernet 0/2
 ip ospf message-digest-key 1 md5 R3-R1-secret
!
router ospf 1
 area 0 authentication message-digest
 router-id 1.1.1.1
 network 10.1.2.1 0.0.0.0 area 0
 network 10.3.1.1 0.0.0.0 area 0
 network 1.1.1.1 0.0.0.0 area 0
exit
!
end
  • R2
configure terminal
!
interface GigabitEthernet 0/1
 ip ospf message-digest-key 1 md5 R2-R3-secret
interface GigabitEthernet 0/2
 ip ospf message-digest-key 1 md5 R1-R2-secret
!
router ospf 1
 area 0 authentication message-digest
 router-id 2.2.2.2
 network 10.1.2.2 0.0.0.0 area 0
 network 10.2.3.2 0.0.0.0 area 0
 network 2.2.2.2 0.0.0.0 area 0
exit
!
end
  • R3
configure terminal
!
interface GigabitEthernet 0/1
 ip ospf message-digest-key 1 md5 R3-R1-secret
interface GigabitEthernet 0/2
 ip ospf message-digest-key 1 md5 R2-R3-secret
!
router ospf 1
 area 0 authentication message-digest
 router-id 3.3.3.3
 network 10.2.3.3 0.0.0.0 area 0
 network 10.3.1.3 0.0.0.0 area 0
 network 3.3.3.3 0.0.0.0 area 0
exit
!
end

Verification

References

tech/network/cisco/ospf/area-authentication/area-authentication.txt · Last modified: 2020/02/23 20:04 by wnoguchi