authentication key. Without the proper key and key-id, it is nearly impossible
to produce any message that matches the pre-specified target message
digest.
• Before specifying plain-text password authentication for an interface,
configure a password with the
ip ospf authentication-key
command. Before
specifying MD5 authentication for an interface, configure the message-digest
key-id and key with the
ip ospf message-digest-key
command.
• The plain-text authentication-key, or the MD5 key-id and key, must be used
consistently throughout the autonomous system.
Example
This example enables message-digest authentication for the specified interface.
Console(config)#interface vlan 1
Console(config-if)#ip ospf authentication message-digest
Console(config-if)#
Related Commands
ip ospf authentication-key (42-33)
ip ospf message-digest-key (42-34)
ip ospf authentication-key
This command assigns a simple password to be used by neighboring routers to
verify the authenticity of routing protocol messages. Use the
no
form to remove the
password.
Syntax
ip ospf authentication-key
key
no ip ospf authentication-key
key - Sets a plain text password. (Range: 1-8 characters)
Command Mode
Interface Configuration (VLAN)
Default Setting
No password
Command Usage
• Before specifying plain-text password authentication for an interface with the
ip ospf authentication
command, configure a password with this command.
• This command creates a password (key) that is inserted into the OSPF
header when routing protocol packets are originated by this device. Assign a
separate password to each network for different interfaces. All neighboring
routers on the same network with the same password will exchange routing
data.
• A different password can be assigned to each network interface basis, but the
password must be used consistently on all neighboring routers throughout a
network (i.e., autonomous system).
42-33
Open Shortest Path First (OSPF)
42