To add to this:
Here is another one that made me pull my hair out:
Maybe you can help shed some light on this one for me:
MD5 auth. in area 0
Specified #area 0 auth message-digest in the transit area (area 1)
Only specified#area 1 virtual-link x.x.x.x
Ditto config. on the other area 1 router:
This works...but why??
I always thought that you had to specify the md5 authentication in the
virtual-link cmd. but it appears not so.
Here is what did catch my eye:
When specifying the md5 key, the VL does use key 1
Ex. Message digest authentication enabled
Youngest key id is 1
but when NOT specifying it, it uses the default-key 0 and this still works
even though area 0 is using key 1 !!!
Ex. Message digest authentication enabled
No key configured, using default key id 0
But MOST IMPORTANT: will any points be deducted by the proctor god in the
Lab if one does not specify the md5 keyword in the VL cmd??
>From: "The Long and Winding Road"
>Reply-To: "The Long and Winding Road"
>To: [EMAIL PROTECTED]
>Subject: OSPF Virtual link authentication - observations [7:65628]
>Date: Tue, 18 Mar 2003 05:04:47 GMT
>
>Not sure I have this all sorted out correctly. Perhaps those with a bit
>more
>experience might add their wisdom, not to mention their corrections.
>
>The ospf virtual link being what it is, it follows rules similar to any
>other interface.
>
>It does appear, though, that in terms of structure, it looks something like
>this:
>
>( commands under the ospf process )
>
>area X authentication
>area X virtual-link y.y.y.y authentication
>area X virtual-link y.y.y.y authentication-key WORD
>
>where X is the non zero area number over which the virtual link transits.
>
>In other words, for purposes of structure, the virtual link is not really
>part of area 0. It is a point-to-point link that is part of the non zero
>transit area.
>
>Am I understanding this correctly? I have a setup working, where the area 0
>authentication is simple and the transit area authentication is MD5, and no
>adjacency is formed across the virtual link with simple authentication, but
>comes up just fine with MD5.
>
>Any comments are appreciated.
>
>--
>TANSTAAFL
>"there ain't no such thing as a free lunch"
_________________________________________________________________
STOP MORE SPAM with the new MSN 8 and get 2 months FREE*
http://join.msn.com/?page=features/junkmail
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65660&t=65628
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
