RE: Virutal Link Authentication [7:25837]
Bill, That good old issue of virtual link authentication. I think everyone who has or is sitting their lab soon has been through what you are experiencing. A quick search of the archives would find your answer in no time as this topic has been discussed beyond the scope but to be nice to you the quick version is. 11.2 you need to put area 0 authentication message digest on the other end of the virtual links router (you are extending area 0 to that router after all).. now in some cases you do not have to put any auth on the virtual link but I would say that is wrong so you should do area 21 virtual-link 1.1.1.1 message-digest 1 md5 hello. This will then work. 12.1 you do not need to put area 0 auth on the receiving router. For the virtual link you do area 21 virtual-link 1.1.1.1 authentication message-digest message-digest-key 1 md5 hello. When you mix and match the IOS versions you have to think on the lowest level in other words do it the way it works in 11.2. HTH -Original Message- From: Bill Reilly [mailto:[EMAIL PROTECTED]] Sent: 11 November 2001 18:41 To: [EMAIL PROTECTED] Subject: Virutal Link Authentication [7:25837] I have been working on some VL labs with and without different types of authentication. Now the first issue I have is some of my routers are running 11.2 and some are running 12.1. I suspect my issue resides in the differences in IOS, but what I am seeing is when I try to use message-digest I am not able to authenticate my VL. My debug output on both routers states Rcv pkt from 10.0.1.22, Ethernet0 : Mismatch Authentication type. Input pa cket specified type 0, we use type 1 Any help would be appreciated. Bill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25845t=25837 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Virutal Link Authentication [7:25837]
That is exactly what I found. Bill McCallum, Robert wrote: Bill, That good old issue of virtual link authentication. I think everyone who has or is sitting their lab soon has been through what you are experiencing. A quick search of the archives would find your answer in no time as this topic has been discussed beyond the scope but to be nice to you the quick version is. 11.2 you need to put area 0 authentication message digest on the other end of the virtual links router (you are extending area 0 to that router after all).. now in some cases you do not have to put any auth on the virtual link but I would say that is wrong so you should do area 21 virtual-link 1.1.1.1 message-digest 1 md5 hello. This will then work. 12.1 you do not need to put area 0 auth on the receiving router. For the virtual link you do area 21 virtual-link 1.1.1.1 authentication message-digest message-digest-key 1 md5 hello. When you mix and match the IOS versions you have to think on the lowest level in other words do it the way it works in 11.2. HTH -Original Message- From: Bill Reilly [mailto:[EMAIL PROTECTED]] Sent: 11 November 2001 18:41 To: [EMAIL PROTECTED] Subject: Virutal Link Authentication [7:25837] I have been working on some VL labs with and without different types of authentication. Now the first issue I have is some of my routers are running 11.2 and some are running 12.1. I suspect my issue resides in the differences in IOS, but what I am seeing is when I try to use message-digest I am not able to authenticate my VL. My debug output on both routers states Rcv pkt from 10.0.1.22, Ethernet0 : Mismatch Authentication type. Input pa cket specified type 0, we use type 1 Any help would be appreciated. Bill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25856t=25837 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]