For more information, see Configuring OSPF authentication on a virtual link.
Syntax:
area
area-id
virtual-linkip-addr
authentication-keykey-string
no area 1 virtual-linkip-address
authenticationUsed to configure password authentication in the router OSPF context on both ABRs in a virtual link. The password takes effect immediately, and all OSPF packets transmitted on the link contain this password. Every OSPF packet received on the interface for the virtual link on each ABR is checked for the password. If it is not present, the packet is dropped.
To disable password authentication on an ABR interface used for a virtual link, use the
no
form of the command.The password must be the same on both ABRs on a given virtual link.
NOTE: For the 5400zl switches, when the switch is in enhanced secure mode, commands that take a secret key as a parameter have the echo of the secret typing replaced with asterisks. The input for
key-string
is prompted for interactively. For more information, see the access security guide for your switch.
Specifies the OSPF area in which both ABRs in a given virtual link operate. In this use, the area ID is sometimes termed "transit area ID." This value must be the same for both ABRs in the virtual link.
For an ABR in a given virtual link, this is the IP address used to create the link on that ABR. (This IP address matches the IP address of the interface on the opposite end of the virtual link. See the description of
in the syntax description under Configuring a virtual link.)
ip-address
An alphanumeric string of one to eight characters. (Spaces are not allowed.)
To change the password, re-execute the command with the new password.
NOTE: To replace the password method with the MD5 method on a given interface, overwrite the password configuration by using the MD5 form of the command shown in Authenticating OSPF MD5 on a virtual link. (It is not necessary to disable the currently configured OSPF password.)
Syntax:
Used to configure MD5 authentication in the router OSPF context on both ABRs in a virtual link. The MD5 authentication takes effect immediately, and all OSPF packets transmitted on the link contain the designated key. Every OSPF packet received on the interface for the virtual link on each ABR is checked for the key. If it is not present, the packet is dropped.
To disable MD5 authentication on an ABR interface used for a virtual link, use the
no
form of the command. The password must be the same on both ABRs on a given virtual link.
NOTE: Before using this authentication option, you must configure one or more key chains on the routing switch by using the Key Management System (KMS). See the access security guide for your routing switch.
For an ABR in a given virtual link, this is the IP address used to create the link on that ABR. (This IP address matches the IP address of the interface on the opposite end of the virtual link. See the description of
in the syntax description under Configuring a virtual link.)
ip-address
The name of a key generated using the
key-chain
command.chain_name
keykey_id
To change the MD5 authentication configured on a virtual link, re-execute the command with the new MD5 key.
NOTE: To replace the MD5 method with the password method on a virtual link, overwrite the MD5 configuration by using the password form of the command shown under Authenticating the OSPF password on a virtual link. (It is not necessary to disable the currently configured OSPF MD5 authentication.)