Re: Encryption of OSPF packet

engel · ‎06-18-2002

Dear All,

Can OSPF packet be encrypted ?

Appreciate for any insight

yusuff · ‎06-19-2002

Authenticate ospf neighbors, it encrypts the ospf packets via plain-text and MD5

http://www.cisco.com/warp/public/104/25.shtml

R/Yusuf

nuno.morais · ‎06-19-2002

Hi.

What do you mean by encryption? Do you mean confidentiality or just authentication?

OSPF only supports authentication. You can still see the LSAs payload even if you use authentication. The only thing authentication does is authenticate neighbors. There is no payload encryption.

Hope this helps.

NM

engel · ‎06-19-2002

I am sorry not to be clear. I was asking the following scenario:

LAN1--R1--- Internet----R2----LAN2

R1 and R2 create a VPN tunnel, and through the tunnel exchange routing information of its own local network. I am thinking to use OSPF as the dynamic routing protocol. This routing information exchange should be done inside the tunnel. I find out that OSPF is protocol 88, so I think it can not be encrypted by IPSec. I am researching on posibility to use a GRE tunnel as the media to encrypt OSPF. I would like to know if anyone has implemented such scenario and its limitation.

Best Regards,

Engelhard

yusuff · ‎06-20-2002

Here's a sample config to configure GRE tunnel over IPSec with OSPF

http://www.cisco.com/warp/customer/707/gre_ipsec_ospf.html

HTH

R/Yusuf

nuno.morais · ‎06-20-2002

Hello.

OSPF runs over IP, protocol type 89.

Rgds.

NM

engel · ‎06-20-2002

Thanks for the correction. Faulty of my memory cause it reverses the protocol`s number between EIGRP and OSPF. Should be corrected now.