cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
692
Views
5
Helpful
6
Replies

OSPF authentication

chris_moyzan
Level 1
Level 1

Hi guys. I`m being tasked to add OSPF authentication to all our devices that use OSPF. I did some research and I know how to do it. The thing is, I'm not sure how I could do it in a timely manner... Also, how can I tell which interface is in which OSPF process? When I do a show ip ospf, it lists the processes and tells me how many interfaces are in the process but doesn't tell me which ones.

Is there a way to enter the md5 password at the area level instead of at the interface level? That would be much quicker and easier for me.

1 Accepted Solution

Accepted Solutions

Yes, on multilayer switches it is possible to use the "interface range" command similarly to this:

conf t

interface range Gig0/1 - 30

no switchport

ip ospf message-key 1 md5 xxxx

Cheers:

Istvan

View solution in original post

6 Replies 6

Istvan_Rabai
Level 7
Level 7

Hi Chris,

Use the "show ip ospf interface serial1/0" type command to see which area the interface is attached to.

If you use the "show ip ospf interface", it will list all interfaces configured for OSPF.

I know only of interface level authentication as to the configuration of authentication keys.

Cheers:

Istvan

Thanks for your reply, Istvan, although it's a bit of a letdown since I have lots of interface to configure :( On our main switch I have 3 processes with about 30 interfaces. Is it possible to enter the "Ip ospf message-key 1 md5 password on an interface range?

Yes, on multilayer switches it is possible to use the "interface range" command similarly to this:

conf t

interface range Gig0/1 - 30

no switchport

ip ospf message-key 1 md5 xxxx

Cheers:

Istvan

Ok, thanks, I'll do more testing.

You may also want to remember to be careful when you apply the Md5 key: dont add any extra spaces on one side....sometimes that happens when you use Notepad to make sweeping config changes.

Thanks

Victor

Thanks, Victor, I will check to make sure there aren't any problems with the key. I did some tests and it seems I can set a key for an interface even though authentication is not set in the area. This simplifies my task since I'll just apply the command to a range of interfaces.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: