To enable authentication for an OSPF area, use thearea authentication router configuration command. To remove an area's authentication specification or a specified area from the configuration, use the no form of this command.
area area-id authentication [message-digest ]
no area area-id authentication
no area area-id
area-id Identifier of the area for which authentication is to be enabled. The identifier can be specified as either a decimal value or an IP address.
message-digest (Optional) Enables MD5 authentication on the area specified by area-id.
Type 0 authentication (no authentication)
Router configuration
| Release | Modification | 10.0 | This command was introduced. |
11.0 | Themessage-digest keyword was added. |
|---|
Specifying authentication for an area sets the authentication to Type 1 (simple password) as specified in RFC 1247. If this command is not included in the configuration file, authentication of Type 0 (no authentication) is assumed.
The authentication type must be the same for all routers and access servers in an area. The authentication password for all OSPF routers on a network must be the same if they are to communicate with each other via OSPF. Use the ip ospf authentication-keycommand to specify this password.
If you enable MD5 authentication with the message-digest keyword, you must configure a password with the ip ospf message-digest-key command.
To remove the area's authentication specification, use the no form of this command with the authentication keyword.
To remove the specified area from the software configuration, use the command no area area-id (with no other keywords). That is, no areaarea-id removes all area options, such as area authentication , area default-cost, area nssa, area range, area stub, and area virtual-link.
The following example mandates authentication for areas 0 and 36.0.0.0 of OSPF routing process 201. Authentication keys are also provided.
interface ethernet 0 ip address 131.119.251.201 255.255.255.0 ip ospf authentication-key adcdefgh ! interface ethernet 1 ip address 36.56.0.201 255.255.0.0 ip ospf authentication-key ijklmnop ! router ospf 201 network 36.0.0.0 0.255.255.255 area 36.0.0.0 network 131.119.0.0 0.0.255.255 area 0 area 36.0.0.0 authentication area 0 authentication
| Command | Description |
|---|---|
| area default-cost | Specifies a cost for the default summary route sent into a stub area. |
| area stub | Defines an area as a stub area. |
| ip ospf authentication-key | Assigns a password to be used by neighboring routers that are using the simple password authentication of OSPF. |
| ip ospf message-digest-key | Enables OSPF MD5 authentication. |
Printed for apswan@ctr.ap.nic.in on Wed Mar 5 22:32:57 PST 2003
All material in this document copyright 2000 Cisco Systems, Inc. All rights reserved. No material may be reproduced or distributed without written permission of Cisco Systems, Inc.