Are you using the simple password authentication or the MD5 authentication? I realized that I assumed MD5 in my previous answer.
At 02:20 PM 2/1/02, Richard Newman wrote: >Thanks for all the replies. No clear answer yet. I do know for a fact due to >debugs that there is a periodic key exchange sequence. The debug would show >as OSPF: Send with youngest Key 1. The traffic would come across as >224.0.0.5. That's just a hello. With MD5, the key is used to create the message digest added to the hello. I agree with Peter that it might be a bug (if you're using MD5). If you're not using MD5, this may be normal behavior? But you should use MD5. The other method sends the password as clear text. It's useless as far as security is concerned. Priscilla >The only difference between the demand-circuit peers staying up >or being terminated is no authentication versus authentication. And actually >the area number doesn't matter. Also be aware, I found this out the hard >way, that you can actually have blank spaces after your key value which will >not be visible. This cost me hours of trouble shooting until I deleted and >readded my key statements. Ooops. > >Richard > > >""Richard Newman"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hi all. > > I was working on a lab with an ISDN link between two of my OSPF routers. >The > > link would come up if the Frame cloud went away. Normal stuff link would >be > > initiated as usual. However, since area 0 had authentication turned on > > broadcasts from 224.0.0.5 kept the isdn link up all the time. If I >filtered > > out the 224.0.0.5 from being interesting the ospf neighbors would get > > terminated at the dead interval. When I turn off authen. from area 0 all > > worked as normal. > > > > Is this a normal occurrance? When area authentication is turned on do the > > key exchanges still happen even over a demand-circuit? > > > > Thanks... > > Richard Newman ________________________ Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=34112&t=33884 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
