OSPF Authentication on Cisco Routers

Posted February 18, 2004 by Al Banks in Cisco router

This tech-recipe describes configuring OSPF authentication to prevent unauthorized routing updates.


In this example, Router A and Router B are connected with a WAN link. The WAN is addressed as 192.168.0.0/30. Router A has 10.1.1.0/24, and Router B has 10.2.2.0/24 on their respective FastEthernet interfaces.

Configure OSPF for basic routing:

Router A:router ospf 100
network 10.1.1.0 0.0.0.255 area 10.1.1.0
network 192.168.0.0 0.0.0.3 area 0.0.0.0

Router B:router ospf 100
network 10.2.2.0 0.0.0.255 area 10.2.2.0
network 192.168.0.0 0.0.0.3 area 0.0.0.0

Now, the routing table in both routers should show OSPF routes.

Configure OSPF for authentication:

Router A:interface serial 0/0
ip ospf message-digest-key 10 md5 PASSWORD
router ospf 100
area 0 authentication message-digest

Router B:interface serial 0/0
ip ospf message-digest-key 10 md5 PASSWORD
router ospf 100
area 0 authentication message-digest

Now, the two routers should be authenticating updates.

The Conversation

Follow the reactions below and share your own thoughts.