With AD you will have to use RADIUS to authenticate. If you go straight from
the VPN 3005 to the domain controller (using NT domain authentication on the
3005) the domain name is not passed over to the domain controller, that's
way it fails. You have to change to RADIUS with expiry authentic
Hi ppl. I am tryin to made a VPN 3005 to authenticate to a MS AD for remote
access users. However, on the bonx's event log, it says invalid password,
even thought the password is valid on the domain login. I have even created
a new account in the AD but still failed in invalid password. Anyone got
e password the remote device used in its encryption
process. The access server then encrypts the concatenated information with
the newly retrieved password-if the result matches the result sent in the
response packet, authentication succeeds."
Both routers authenticate each other; it's
"ppp auth chap" to the interfaces. However, when doing this, the
link becomes more of a flapping link, and, running "debug ppp auth", there
is no authentication success.
However, if I were to do this:
Router2(config)# username Router3 password abc
Router2(config)# username
,
Jeff
""Jsnatan ^. Jsnasson"" wrote in message
news:[EMAIL PROTECTED]
> Hi,
>
> Im new to this list(first post, been watching it for a while though)
> I'm having a hard time trying to find the minimal requirements for 802.1x
> authentication.
>
> L
Hi,
Im new to this list(first post, been watching it for a while though)
I'm having a hard time trying to find the minimal requirements for 802.1x
authentication.
Like what version of Cisco Secure ACS do I need (is 3.0 enough?)
Are all switches supported (like 3500XL for example)
And what
Hi GS,
Does anyone know off hand whether you can authenticate a group on a Cisco
vpn concentrator (3030) with digital certificates and the user with Secure
ID?? So far I can do one or the other as it seems that the although the SDI
server authenticates a user it is configured at group level and s
Hi.
You can use the cisco software ACS.
CCO has tips and configs for that software.
Antero VAsconcelos
-Original Message-
From: Alexandre Chaves [mailto:[EMAIL PROTECTED]
Sent: segunda-feira, 7 de Julho de 2003 12:45
To: [EMAIL PROTECTED]
Subject: Authentication [7:71977]
Dear Friends
authentication. I always do this with Linux (squid). Can I do with Cisco? Can
the login data base be in the router or in a radius server?
Thanks in advance!
Alexandre Chaves
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=71977&
I4m using radiusd-cistron-1.6.6-2.
Frederico Madeira
Coordenador de Suporte
N. Landim Comircio Ltda
PABX: 81. 3497.3029
e-mail: [EMAIL PROTECTED]
- Original Message -
From: "Jim Wang"
To:
Sent: Wednesday, June 18, 2003 3:00 PM
Subject: Re: mode enable on aaa authenticatio
I'm not familiar with Huiwa router. I use a similar command,
aaa authentication enable default tacacs+ local, on our routers and it
works. What type of AAA authentication server are you using?
-Jim
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=7087
>>>> John Neiberger 6/18/03 9:33:55 AM >>>
>When you navigate to a secure website and you get a popup challenge to
>authenticate, what type of authentication is this? It doesn't seem like
it
>would be CHAP or PAP, but it could be a close relative. The par
Jim,
In fact i use huawei router .
When i put the command aaa authentication enable default radius local
return me incorrect command.
Frederico Madeira
Coordenador de Suporte
N. Landim Comircio Ltda
PABX: 81. 3497.3029
e-mail: [EMAIL PROTECTED]
- Original Message -
From: "Jim
-server host ip_rad_server2
radius-server key passwordkey
radius-server retransmit 3
aaa-enable
aaa authentication ppp default radius local
aaa authentication login default radius local
tanks.
Frederico Madeira
Coordenador de Suporte
N. Landim Comircio Ltda
PABX: 81. 3497.3029
When you navigate to a secure website and you get a popup challenge to
authenticate, what type of authentication is this? It doesn't seem like it
would be CHAP or PAP, but it could be a close relative. The particular site
I'm interested in (an internal test site) is all HTTPS so I c
login to the "enable
privileged" prompt directly. "enable options" on ACS have no effect
Second Case: Not using "Shell/Exec option", but using "enable
options" in conjunction with device "enable" aaa authentication command: --
aaa authentication ena
i4ve configure my router with aaa authentication. Username and password
prompt
only in login. I want that prompt in enabel mode than.
How i make it ???
Tanks.
Frederico Madeira
Coordenador de Suporte
N. Landim Comircio Ltda
PABX: 81. 3497.3029
e-mail: [EMAIL PROTECTED]
Message Posted at
: =?iso-8859-1?q?maine=20dude?=
Subject: RE: VPN authentication [7:70186]
To: Bosco Sachanandani
In-Reply-To:
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 8bit
Content-Length: 1711
X-Converted-To-Plain-Text: from multipart/alternative by Gr
SDN
interface. When the ISDN interface realises that there is a packet for the
remote network, it will dial out automatically using the phone number and
authentication credentails.
No need for any config on the WYSE terminal.
BR
Bosco
-Original Message-
From: maine dude [mailto:[EMAIL PROTEC
dial on demand and connect fully so the user does not see any
authentication requests
the user request should be done automatically but i cant find how to do that
via config unless* brainstorming here* the type should be network instead of
client ???
Thanks in advance,
Dj
>>
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70076&t=70076
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
authentication
[7:70043]
Hi.. Sorry me again, I just realise that W2K can act as a RADIUS
server, is
it true?? I tried to installed cisco CSACS software on my W2K server,
it
prompt me that another program is using RADIUS port, pls disable it, it
means my W2K server come with RADIUS? Where to
0
>From: Daniel Cotts
>To: "'Richard Campbell'" , [EMAIL PROTECTED]
>Subject: RE: multiple isakmp policies question-No authentication [7:69996]
>Date: Mon, 2 Jun 2003 18:25:38 -0500
>
>In the following config RADIUS is used to authenticate the Clients. IIRC
&
act as the RADIUS server to
authenticate? (I prefer to authenticate locally in PIX515 without install
radius server)
>From the config shown below, what is aaa.bbb.ccc.10 ? a IP address of
RADIUS server? can we make authentication done locally in PIX515?
aaa-server AuthInbound (inside) h
Hey... thanks.. finally I got response from my PIX515, but it just hang at
securing communication channel stage (see below) and it doesn't authenticate
the users. What config should I add to point it to my authentication server
192.168.1.201? For your info, my VPN client is install
seconds 3600
crypto dynamic-map vpnremote 10 set transform-set set1 set2 set3
crypto map outside 20 ipsec-isakmp dynamic vpnremote
crypto map outside client configuration address respond
crypto map outside client authentication ACE-SERVER
outside interface outside
isakmp enable outside
isakmp key
Though I haven't done it myself, you should be able to keep the IAS box
(Windows 2000 Member Server) and the NT4PDC Box separate.
You're authentication AND access can be defined by the IAS box.
You would only need to allow RADIUS Ports...
1645 RADIUS Authentication
1646 RADIUS Acco
Hello All: I'm looking into using Microsoft IAS and Windows NT4 PDC to
authenticate VPN client users who are accessinga VPN 3000 concentrator. I
want home VPN client users to utilize the NT4 PDC for their login
authentication. The VPN 3000 concentrator is located on the outside
interface o
ber all the stuff I've read about this over the years.
This recent observation tells me that the virtual link is an odd animal that
is really part of the transit area. It doesn't quite follow the other OSPF
rules.
I know what the VL is supposed to do. It links the non adjacent area
directly
:
This works...but why??
I always thought that you had to specify the md5 authentication in the
virtual-link cmd. but it appears not so.
Here is what did catch my eye:
When specifying the md5 key, the VL does use key 1
Ex. Message digest authentication enabled
Youngest key id is 1
but when NOT
ber all the stuff I've read about this over the years.
This recent observation tells me that the virtual link is an odd animal that
is really part of the transit area. It doesn't quite follow the other OSPF
rules.
I know what the VL is supposed to do. It links the non adjacent area
directly
djacency".
So as you noted it would be safe to say that a virtual-link is governed by
the termination points of it's unnumbered p-2-p links. So where your
transit-area uses MD5 authentication so must your virtual-link.
Alex Zinin's Cisco IP Routing [pg. 489] clearly states that the vir
something like
this:
( commands under the ospf process )
area X authentication
area X virtual-link y.y.y.y authentication
area X virtual-link y.y.y.y authentication-key WORD
where X is the non zero area number over which the virtual link transits.
In other words, for purposes of structure, the
> thanks Chuck , it has cleared my doubts on OSPF authentication.
>
> ""The Long and Winding Road"" wrote in
> message news:[EMAIL PROTECTED]
> > For those struggling with OSPF authentication, I have created an OSPF
> > authentication reference chart
thanks Chuck , it has cleared my doubts on OSPF authentication.
""The Long and Winding Road"" wrote in
message news:[EMAIL PROTECTED]
> For those struggling with OSPF authentication, I have created an OSPF
> authentication reference chart on my web site:
>
>
For those struggling with OSPF authentication, I have created an OSPF
authentication reference chart on my web site:
http://www.chuckslongroad.info/OSPF_Authentication.htm
While visiting, you might also want to read through the essay I wrote on
this topic a couple of months back on Groupstudy
Hi all
I am facing a problem in ppp authentication. The configuration is simple.
on the serial interface one one end i have the conifguration
name#sh run int s1/0
Building configuration...
Current configuration : 173 bytes
!
interface Serial1/0
ip address 5.5.5.5 255.0.0.0
encapsulation ppp
Hi all,
Here is the another question i came across in the lab
When plain text passwd (type 1) is used as ospf authentication, it checks
the actual passwd.
when md5 (type 2) is used, a wrong passwd was set on purpose, surprisingly
the adjacency was still able to be established.
Read Doyle book, it
Milan,
In mail.net.groupstudy.pro, you wrote:
> I have problem that when I use local authentication on access-server for
ppp
> authentication for semipermanent connection, the username that I use where
> send to radius server. Can anybody tell me why this happens because it
> sh
Hello all,
I have problem that when I use local authentication on access-server for ppp
authentication for semipermanent connection, the username that I use where
send to radius server. Can anybody tell me why this happens because it
shouldn't send local username to radius? The aaa model
HAmid,
One thing u can do is, on the ACS/AAA server clear and re-enter the the
shared KEY xxx.
Qn? have u tried connecting directly into the Console port of 3660
and enter the Local Username , Password.
Also are u trying to telnet into the 3660 ? or directly connecting to
Console Port ... an
Yes, I know. But the problem is that on just one platform I have this
problem.(On the 3660s). I have tried replacing the modules (NM-16AMs).
Very strange. Any comments?
Hamid
> Wll Hamid ,
> The Local means you must be able to use the Local Username xxx and
> PAssword yxyxyxyxy on the local
Wll Hamid ,
The Local means you must be able to use the Local Username xxx and
PAssword yxyxyxyxy on the local router config. as a last resource
which is the case now
So u shd be able to log in to the router itself, if AAA/ACS is not available.
IS this happening on all the routers/Switche
Yes, I have guessed that. I created a local account on the router, and
still I had the same problem. (Ihave configured aaa for local
authentication).
Do you know what error code 13 means? ( FAIL (13) )
> HI Hamid,
>
> This seems to be a password or Username Authentication Failure)
>
HI Hamid,
This seems to be a password or Username Authentication Failure)
you can try to delete and re-enter the username and password for that group
on the ACS/AAA server.
Also is there a Firewall before accessing/Authenticating to the ACS server?
This is not passing the User Authentication
o.com/warp/public/480/tacacs_pppdebug.html
>
> Martijn
>
> - -Oorspronkelijk bericht-
> Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Namens Hamid
> Ali Asgari Verzonden: zaterdag 18 januari 2003 8:34
> Aan: [EMAIL PROTECTED]
> Onderwerp: URGENT: Modem Authentication Fa
://www.cisco.com/warp/public/480/tacacs_pppdebug.html
Martijn
- -Oorspronkelijk bericht-
Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Namens Hamid Ali
Asgari
Verzonden: zaterdag 18 januari 2003 8:34
Aan: [EMAIL PROTECTED]
Onderwerp: URGENT: Modem Authentication Failure [7:61292]
Hi
:
---
Call Handle failed for Modem 5/2
%LINK-3-UPDOWN: Interface Async163, changed state to up
TPLUS: Queuing AAA Authentication request 634 for processing
TPLUS: processing authentication start request id 634
TPLUS: Authentication start packet created for 634(testuser)
TPLUS
Behalf Of
Patrick Matthews
Sent: Tuesday, January 14, 2003 9:34 AM
To: [EMAIL PROTECTED]
Subject: Re: IAS Authentication with Pix 515 [7:61023]
I used the following document and it worked great - Very easy. Logs all VPN
access in both the IAS log files and on the Domain Controller running AD.
The 3rd
I found it..
Thanks,
Kevin
- Original Message -
From: Kevin O'Gilvie
To: [EMAIL PROTECTED]
Sent: Monday, January 13, 2003 10:16 PM
Subject: IAS Authentication with Pix 515
Hi All,
Does anyone know how to make IAS use Active directory to authenticate VPN
users..
I
/products_configuration
_example09186a00800b6099.shtml
""Kevin O'Gilvie"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi All,
>
> Does anyone know how to make IAS use Active directory to authenticate VPN
> users..
> I have the sample from c
Hi All,
Does anyone know how to make IAS use Active directory to authenticate VPN
users..
I have the sample from cisco but that only displays local authentication..
Thanks a bunch,
Kevin
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61023&
the absence of air.
>
>In this Augustinian viewpoint, when no area authentication is configured
>then what you have is nothing. Which leaves the mystery of interface
>authentication and it's purpose.
Have you considered, then, the theological significance of the null
interface?
&g
area authentication is configured
then what you have is nothing. Which leaves the mystery of interface
authentication and it's purpose.
However, if one takes an anti-Augustinian view, which it appears that the
Cisco developers did, then when you read the documentation that states that
the de
ject: Tonight's Homily - OSPF authenitcation - I didn't know that!
> [7:60275]
>
> As many of you know, I've been reading Parkhurst's OSPF book for a number
> of
> reasons. So I'm fooling around in the chapter on interface commands, when
> something hits me
I'm also assuming you have the actual TACACS+ server configured with the
key?
tacacs-server host
tacacs-server timeout 15
tacacs-server key
Also try changing the line to:
aaa authentication login default group tacacs+ local
To specify going to all T
ot;>news:[EMAIL PROTECTED]...
> Okay I've got my login authentication, authorization and accounting
working
> on most of my switches and router through a ACS (TACACS+). But I have
this
> one router that gives me an "% Error in authentication" message as soon as
I
> pu
30 PM
To: [EMAIL PROTECTED]
Subject: ACS Authentication/Auth/Accounting [7:59393]
Okay I've got my login authentication, authorization and accounting
working
on most of my switches and router through a ACS (TACACS+). But I have
this
one router that gives me an "% Error in authentication&q
Do you have an enable password configured on the router?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59396&t=59393
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Non
Yes I do...
""Xueyan Liu"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Do you have an enable password configured on the router?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59397&t=59393
--
FAQ, list archi
Okay I've got my login authentication, authorization and accounting working
on most of my switches and router through a ACS (TACACS+). But I have this
one router that gives me an "% Error in authentication" message as soon as I
put in my username. It doesn't even allow me
Dear all,
Concerning the VPDN model as far as I know the VPDN authentication can
be done using dnis or domain name but what about the caller ID??
Can anyboday help me with this?? is it possible?? and if yes can anybody
guide me to some paers that'd help in VPDN configuration based on c
ate Dead Time Address
Interface
> 222.222.222.7 1 FULL/DR 00:01:58149.22.4.7 Serial0
> 222.222.222.111 FULL/DR 00:00:38149.22.252.2
Ethernet0
> Router_10#
>
> interface Serial0
> ip address 149.22.4.10 255.255.255.0
> encapsul
""Silju Pillai"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,
>
> I tried this too. I am pasting the results.
>
> R5#
> interface Serial0/2
> ip address 192.168.1.209 255.255.255.252
> ip ospf authentication
> ip os
Hi,
I tried this too. I am pasting the results.
R5#
interface Serial0/2
ip address 192.168.1.209 255.255.255.252
ip ospf authentication
ip ospf authentication-key cisco
router ospf 10
log-adjacency-changes
area 0 authentication
network 30.30.30.0 0.0.0.255 area 0
network 192.168.1.208
Vicuna, Mark would like to recall the message, "Last Minute Thought -
OSPF authentication issue? [7:58352]".
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58355&t=58355
--
FAQ, list archives, and subsc
30, 2002 8:03 PM
To: [EMAIL PROTECTED]
Subject: Last Minute Thought - OSPF authentication issue? [7:58352]
check this out.
R10
--
Neighbor ID Pri State Dead Time Address
Interface
222.222.222.7 1 FULL/DR 00:01:58149.22.4.7
Serial0
222.222.222.111 FULL
It would seem you wanted to use md5 authentication but you used
plain text authentication keys. In this situation - when there are no md5
authentication keys specified - I think the routers will use null key,
meaning
no authentication will take place...
""The Long and Winding Road&q
149.22.4.10 255.255.255.0
encapsulation frame-relay
no ip route-cache
ip ospf authentication message-digest
ip ospf authentication-key 7 qwertyzzyzx
R7
-
Neighbor ID Pri State Dead Time Address Interface
222.222.222.101 FULL/BDR00:01:57149.22.4.10
to configure the MSFC2 on my 6506 to use RADIUS authentication
> from my Windows 2000 Server. What I would like is to have the MSFC
> authenticate users using the RADIUS server on login. I would also like a
> backup account locally in case RADIUS authentication is not available. If
&
I am trying to configure the MSFC2 on my 6506 to use RADIUS authentication
from my Windows 2000 Server. What I would like is to have the MSFC
authenticate users using the RADIUS server on login. I would also like a
backup account locally in case RADIUS authentication is not available. If
it is
""Magondo, Michael"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Russell
>
> Are you saying that CHAP is not capable of one way authentication?? And
> to do this one has to use PAP???
Almost, but not quite... CHAP can operate in 2 mo
Russell
Are you saying that CHAP is not capable of one way authentication?? And
to do this one has to use PAP???
Michael
-Original Message-
From: Russell Heilling [mailto:[EMAIL PROTECTED]]
Sent: 27 September 2002 12:10 PM
To: [EMAIL PROTECTED]
Subject: Re: chap authentication LONG
Ok I have tested this and got it to work with out the dual usernames on
bouth router, as I was talking about in the previous post
but that still leves my orginal question, and if any one can see anything
from the debug, that would be great.
Message Posted at:
http://www.groupstudy.com/form/re
Ok thanx for the explanation
to get this 100% I just have one more question
If I am calling an ISP
Router 1
has in its config
dialer 0
ppp authentication chap calli
ppp chap hostname bla
ppp chap password bla1
and that works to authenticate to the ISP router, but as chap is two way, do
I
any hostname or password to put in my router to authenticate the
> ISP router
>
> Or do I
What you are describing is what happens in PAP authentication (as used with
most single user dial ISP accounts), with CHAP *both* routers need to
authenticate with each other, so you will need to pu
Do I have to have the hostname of each router in each other, if I am calling
an ISP I just get a username and password, that I send the ISP router, I
dont get any hostname or password to put in my router to authenticate the
ISP router
Or do I
Message Posted at:
http://www.groupstudy.com/fo
I just spent a second reading the debug... did you put the hostname of each
router in the other and use the same password? In reference to: > 00:03:55:
BR0:1 CHAP: Username jal-3660 not found
Also verify that multilink and ppp authentication chap are set in both.
- Original Mess
It´s my understanging that when I use ppp authentication chap callin
i dont have to have the username on my router, as if I was calling into an
ISP then the ISP´s route would have to have a username on my router, and I
dont think that is the that is used.
Message Posted at:
http
looks quite similiar to a recent thread.
username jal-3660 password blahblahblah
remember CHAP is a two wat authentication.
Dave
"Arni V. Skarphedinsson" wrote:
>
> Well I have some more chap authentication issues, and if someone can give
me
> any pointers that wou
Well I have some more chap authentication issues, and if someone can give me
any pointers that would be great,
I have two routers
a 1003 who is calling an 3660 over ISDN
this is the debug from the 100300:03:54: %LINK-3-UPDOWN: Interface BRI0:1,
changed state to up
00:03:55: %DIALER-6-BIND
The thing is that is I am calling an ISP so I have no control over the
router I am calling into, I cant use that routers hostname as a username as
I have an account there with a username that I have to use, and the problem
seems to be sending that username to the ISP router..
Message Posted at:
: Wednesday, September 25, 2002 6:12 AM
To: [EMAIL PROTECTED]
Subject: PPP authentication problem [7:54047]
I am having problems with a ISDN router calling into an ISP,
the CHAP authentication is not sending the correct username.
the debug i get
PPP BRI0:1: CHAP challenge from 3640
00:10:21: PPP
Do you have the following on the router giving the error:
username 3640 password
""Arni V. Skarphedinsson"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have already tried using ppp authentication chap callin, and that does
not
> change
I have already tried using ppp authentication chap callin, and that does not
change anything
yes the IP unnumberd is just there for testing, as this router I am using
can not do IP address negoitedted, and NAT
but the production router will be able to.
Could that be the issue, from the debug
Hi Arni,
The one thing to note about CHAP is that the Authentication process is
bi-directional. That is to say that, in a normal CHAP Setup your Router will
send a USERNAME/PASSWORD combination to the Remote End and the Remote End
will send a USERNAME/PASSWORD combination to your Router.
This is
I am having problems with a ISDN router calling into an ISP,
the CHAP authentication is not sending the correct username.
the debug i get
PPP BRI0:1: CHAP challenge from 3640
00:10:21: PPP BRI0:1: USERNAME 3640: lookup failure.
00:10:21: PPP BRI0:1: Unable to authenticate for peer.
it always
u guys! How do I
> enable ospf md5
> authentication in a hub and spoke multipoint
> network.
>
> I need authentication between a single spoke and the
> hub. I do not want auth
> between the same hub and the 'other spoke'. Remember
> this is
I am trying this in the lab, so...
"clear ip route *" doesn't work. I have tried clearing both the "neigh" and
the "route", no effect at all.
The way I can make authentication works is configure it from the beginning,
before Router A and B
ha
rect me if that is the case. Dain.
""enginedrive2002"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> If Router A and Router B are connected using serial interface, both of
them
> are running EIGRP.
>
> On Router A, I have config
"clear ip eigrp nei" doesn't work for me. Router A and B can still see each
other and send the routing update. Looks like this problem only exist when
Router A and B is already running EIGRP and you want to add the
authentication later.
When I configure the Router A with authenti
Configuration basically correct on router A side.
Can you try a 'clear ip eigrp nei' and see what happen?
I have experience I have to apply this config in router twice to get it work.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=53517&t=53513
--
If Router A and Router B are connected using serial interface, both of them
are running EIGRP.
On Router A, I have configure "ip authentication mode eigrp AS# md5" and "ip
authentication key-chain eigrp AS# " under interface
configuration mode, also configure the "key c
Hello Everbody,
>From what I have seen, no matter what key or md5 authentication key you
configure (different in both sides), a client router will synchronize with
its server router.
I did not find a Cisco URL saying that MD5 authentication is just for
Symmetric Active/Passive Mode mode, s
Kelly,
What does the debug of the RIPv2 MD5 error look like? Trying
posting it (the debug of the authentication, I mean) to the list, I'm sure
someone have seen the error before and can let you know if you've missed
anything other than what you might have already cover
Darn, left off the area 0 thing. Knew it was something simple. Thank you.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52254&t=52238
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report
Remember that the virtual link is part of area 0, so did you do area 0
authentication message-digest?
Also how did you specify the key..
Router ospf 100
Area 0 authentication message-digest
Area X virtual-link a.b.c.d message-digest-key 1 md5 password
This must be on both routers.
I am
My OSPF link will not come up. I'm trying to do MD5 authentication across a
virtual link. I thought there was a trick to this but I can not remember.
Any help?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52238&t=52238
-
No problem, this will explain it(watch the wrap):
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secu
r_c/scprt1/index.htm
-Original Message-
From: Robert D. Cluett
To: [EMAIL PROTECTED]
Sent: 8/19/02 4:29 PM
Subject: AAA Authentication [7:51668]
I am going to
I am going to install some sort of accounting and privlidge managment on an
access server. Essentially I want to restrict certain commands from being
used and log the amount of time that a user has used the system. Is there a
method or application that will best suit this?
Message Posted at:
1 - 100 of 290 matches
Mail list logo