Cisco: OSPF Area Authentication

Lab 1: a37028dd-7f55-43c3-b132-654db0f817a0

OSPF/a37028dd-ospf-interface-authentication.virl · master · CCIE Enterprise Infrastructure v1.0 / CCIE Enterprise Infrastructure v1.0 VIRL Topologies Project · GitLab
This lab base is identical to lab-a37028dd-7f55-43c3-b132-654db0f817a0.

Topology

Base Configuration

R1

configure terminal
!
interface GigabitEthernet 0/1
 ip address 10.1.2.1 255.255.255.0
 no shutdown
interface GigabitEthernet 0/2
 ip address 10.1.1.1 255.255.255.0
 no shutdown
interface Loopback 0
 ip address 1.1.1.1 255.255.255.255
 no shutdown
!
end

R2

R2

configure terminal
!
interface GigabitEthernet 0/1
 ip address 10.2.3.2 255.255.255.0
 no shutdown
interface GigabitEthernet 0/2
 ip address 10.1.2.2 255.255.255.0
 no shutdown
interface Loopback 0
 ip address 2.2.2.2 255.255.255.255
 no shutdown
!
end

R3

R3

configure terminal
!
interface GigabitEthernet 0/1
 ip address 10.3.3.3 255.255.255.0
 no shutdown
interface GigabitEthernet 0/2
 ip address 10.2.3.3 255.255.255.0
 no shutdown
interface Loopback 0
 ip address 3.3.3.3 255.255.255.255
 no shutdown
!
end

Configuring OSPF w/ Area Authentication f39fd7c0-de2c-48b4-b20a-ac2dae2d35f7

R1

configure terminal
!
interface GigabitEthernet 0/1
 ip ospf authentication-key PG1X
!
router ospf 1
 area 10 authentication
 router-id 1.1.1.1
 network 10.1.1.1 0.0.0.0 area 10
 network 10.1.2.1 0.0.0.0 area 10
 network 1.1.1.1 0.0.0.0 area 10
 passive-interface GigabitEthernet 0/2
exit
!
end

R2

configure terminal
!
interface GigabitEthernet 0/1
 ip ospf message-digest-key 1 md5 SuperSECRET
interface GigabitEthernet 0/2
 ip ospf authentication-key PG1X
!
router ospf 1
 area 10 authentication
 area 0 authentication message-digest
 router-id 2.2.2.2
 network 10.1.2.2 0.0.0.0 area 10
 network 10.2.3.2 0.0.0.0 area 0
 network 2.2.2.2 0.0.0.0 area 0
exit
!
end

R3

configure terminal
!
interface GigabitEthernet 0/2
 ip ospf message-digest-key 1 md5 SuperSECRET
!
router ospf 1
 area 0 authentication
 router-id 3.3.3.3
 network 10.2.3.3 0.0.0.0 area 0
 network 10.3.3.3 0.0.0.0 area 0
 network 3.3.3.3 0.0.0.0 area 0
 passive-interface GigabitEthernet 0/1
exit
!
end

Verification

Wireshark Display Filter

ospf

R1(config-if)#ip ospf authentication-key AuthenticateMe
% OSPF: Warning: The password/key will be truncated to 8 characters

R1 Console Log

R2 Console Log

R3 Console Log

Wireshark Packet Capture Result on R2

Lab 2: OSPF w/ Area Authentication w/ different password by neighbors 26c5211a-06b3-4ae5-808b-90a6614677cd

OSPF/26c5211a-ospf-area-authentication-each-neighbor-password.virl · master · CCIE Enterprise Infrastructure v1.0 / CCIE Enterprise Infrastructure v1.0 VIRL Topologies Project · GitLab

Topology

Base Configuration

Common Configuration Snippet

R1

R1

configure terminal
!
interface GigabitEthernet 0/1
 ip address 10.1.2.1 255.255.255.0
 no shutdown
interface GigabitEthernet 0/2
 ip address 10.3.1.1 255.255.255.0
 no shutdown
interface Loopback 0
 ip address 1.1.1.1 255.255.255.255
 no shutdown
!
end

R2

R2

configure terminal
!
interface GigabitEthernet 0/1
 ip address 10.2.3.2 255.255.255.0
 no shutdown
interface GigabitEthernet 0/2
 ip address 10.1.2.2 255.255.255.0
 no shutdown
interface Loopback 0
 ip address 2.2.2.2 255.255.255.255
 no shutdown
!
end

R3

R3

configure terminal
!
interface GigabitEthernet 0/1
 ip address 10.3.1.3 255.255.255.0
 no shutdown
interface GigabitEthernet 0/2
 ip address 10.2.3.3 255.255.255.0
 no shutdown
interface Loopback 0
 ip address 3.3.3.3 255.255.255.255
 no shutdown
!
end

Configuring OSPF w/ Area Authentication w/ different password by neighbors 52cea8bf-726b-43d9-ab52-c3f216478a8a

R1

configure terminal
!
interface GigabitEthernet 0/1
 ip ospf message-digest-key 1 md5 R1-R2-secret
interface GigabitEthernet 0/2
 ip ospf message-digest-key 1 md5 R3-R1-secret
!
router ospf 1
 area 0 authentication message-digest
 router-id 1.1.1.1
 network 10.1.2.1 0.0.0.0 area 0
 network 10.3.1.1 0.0.0.0 area 0
 network 1.1.1.1 0.0.0.0 area 0
exit
!
end

R2

configure terminal
!
interface GigabitEthernet 0/1
 ip ospf message-digest-key 1 md5 R2-R3-secret
interface GigabitEthernet 0/2
 ip ospf message-digest-key 1 md5 R1-R2-secret
!
router ospf 1
 area 0 authentication message-digest
 router-id 2.2.2.2
 network 10.1.2.2 0.0.0.0 area 0
 network 10.2.3.2 0.0.0.0 area 0
 network 2.2.2.2 0.0.0.0 area 0
exit
!
end

R3

configure terminal
!
interface GigabitEthernet 0/1
 ip ospf message-digest-key 1 md5 R3-R1-secret
interface GigabitEthernet 0/2
 ip ospf message-digest-key 1 md5 R2-R3-secret
!
router ospf 1
 area 0 authentication message-digest
 router-id 3.3.3.3
 network 10.2.3.3 0.0.0.0 area 0
 network 10.3.1.3 0.0.0.0 area 0
 network 3.3.3.3 0.0.0.0 area 0
exit
!
end

Verification

Wireshark Display Filter

ospf

R1 Console Log

R2 Console Log

R3 Console Log

References

PG1X WIKI

Table of Contents

Cisco: OSPF Area Authentication

Lab 1: a37028dd-7f55-43c3-b132-654db0f817a0

Topology

Base Configuration

Configuring OSPF w/ Area Authentication f39fd7c0-de2c-48b4-b20a-ac2dae2d35f7

Verification

Lab 2: OSPF w/ Area Authentication w/ different password by neighbors 26c5211a-06b3-4ae5-808b-90a6614677cd

Topology

Base Configuration

Configuring OSPF w/ Area Authentication w/ different password by neighbors 52cea8bf-726b-43d9-ab52-c3f216478a8a

Verification

References

PG1X WIKI

User Tools

Site Tools

Table of Contents

Cisco: OSPF Area Authentication

Lab 1: a37028dd-7f55-43c3-b132-654db0f817a0

Topology

Base Configuration

Configuring OSPF w/ Area Authentication f39fd7c0-de2c-48b4-b20a-ac2dae2d35f7

Verification

Lab 2: OSPF w/ Area Authentication w/ different password by neighbors 26c5211a-06b3-4ae5-808b-90a6614677cd

Topology

Base Configuration

Configuring OSPF w/ Area Authentication w/ different password by neighbors 52cea8bf-726b-43d9-ab52-c3f216478a8a

Verification

References

Page Tools