OSPF Authentication on Cisco Routers

Contributor Icon Contributed by abanks Date Icon February 18, 2004  
Tag Icon Tagged: Cisco router

Configure OSPF authentication to prevent unauthorized routing updates.


In this example, Router A and Router B are connected with a WAN link. The WAN is addressed as 192.168.0.0/30, Router A has 10.1.1.0/24 and Router B has 10.2.2.0/24 on their respective FastEthernet interfaces.

Configure OSPF for basic routing:

Router A:router ospf 100
network 10.1.1.0 0.0.0.255 area 10.1.1.0
network 192.168.0.0 0.0.0.3 area 0.0.0.0

Router B:router ospf 100
network 10.2.2.0 0.0.0.255 area 10.2.2.0
network 192.168.0.0 0.0.0.3 area 0.0.0.0

Now, the routing table in both routers should show OSPF routes.

Configure OSPF for authentication:

Router A:interface serial 0/0
ip ospf message-digest-key 10 md5 PASSWORD
router ospf 100
area 0 authentication message-digest

Router B:interface serial 0/0
ip ospf message-digest-key 10 md5 PASSWORD
router ospf 100
area 0 authentication message-digest

Now, the two routers should be authenticating updates.

Previous recipe | Next recipe |
 
  • eddy
    we have cisco switches 3548xl, (4pcs.) 3542 and one access router 2600.
    There are 8 remote pC needed to connect in our server to access our
    database. We are using a network address of 197.166.177.0, we assigned
    197.166.177.1 for our server.
    I configure the router and assigned 197.166.177.4 for fastethernet
    (f0/0) and i put IP address for "Async interface (ASYNC 35)" 196.177.166.5 255.255.255.0 subnet mask. I make a default-gateway with IP add
    196.177.166.5 and assigned an IP add for remote user with IP add 196.177.166.7.
    In remote PC, i assigned an IP address with 196.177.166.7 ( as i declare in router) and enable the default-gateway, with DNS address of 196.177.177.166.1(server).
    I try to connect in router and i succeed but when i used to ping the SERVER, it gives an "REQUEST TIMEOUT ERROR".
  • noo!!
    just try to fix default gateway ip add to 196.166.177.4 on remote user
  • Luis
    Is there any way to disable thie authentication?
blog comments powered by Disqus