Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Encryption of OSPF packet

Dear All,

Can OSPF packet be encrypted ?

Appreciate for any insight

6 REPLIES
Cisco Employee

Re: Encryption of OSPF packet

Authenticate ospf neighbors, it encrypts the ospf packets via plain-text and MD5

http://www.cisco.com/warp/public/104/25.shtml

R/Yusuf

New Member

Re: Encryption of OSPF packet

Hi.

What do you mean by encryption? Do you mean confidentiality or just authentication?

OSPF only supports authentication. You can still see the LSAs payload even if you use authentication. The only thing authentication does is authenticate neighbors. There is no payload encryption.

Hope this helps.

NM

New Member

Re: Encryption of OSPF packet

I am sorry not to be clear. I was asking the following scenario:

LAN1--R1--- Internet----R2----LAN2

R1 and R2 create a VPN tunnel, and through the tunnel exchange routing information of its own local network. I am thinking to use OSPF as the dynamic routing protocol. This routing information exchange should be done inside the tunnel. I find out that OSPF is protocol 88, so I think it can not be encrypted by IPSec. I am researching on posibility to use a GRE tunnel as the media to encrypt OSPF. I would like to know if anyone has implemented such scenario and its limitation.

Best Regards,

Engelhard

Cisco Employee

Re: Encryption of OSPF packet

Here's a sample config to configure GRE tunnel over IPSec with OSPF

http://www.cisco.com/warp/customer/707/gre_ipsec_ospf.html

HTH

R/Yusuf

New Member

Re: Encryption of OSPF packet

Hello.

OSPF runs over IP, protocol type 89.

Rgds.

NM

New Member

Re: Encryption of OSPF packet

Thanks for the correction. Faulty of my memory cause it reverses the protocol`s number between EIGRP and OSPF. Should be corrected now.

1557
Views
0
Helpful
6
Replies