Cisco CCNP BSCI 642-901 Tutorial: Clear Text OSPF Neighbor Authentication
Computers & Technology → Networking
- Author Chris Bryant
- Published February 6, 2007
- Word count 499
An OSPF adjacency can be authenticated with MD5 (Message Digest 5) or with a clear-text password. I’m not much on clear-text passwords, and hopefully you aren’t either! Whether you’re working in the real world or the certification exam room, though, it’s always a good idea to know more than one way to do things. Let’s take a look at how to configure clear-text authentication of an OSPF neighbor relationship.
The commands we’ll use are “ip ospf authentication-key” and “ip ospf authentication”. In this example, we have preexisting adjacencies between three routers in an OSPF NBMA network. The hub router (R1) has an adjacency with two spoke routers, R2 and R3.
The password is set by the interface-level command ip ospf authentication-key. While Cisco routers will usually tell you when you’re about to try to do something that you can’t do, this password is a rare exception to the rule. Let’s set a password of passbscitest and then check the router config.
R1(config-if)#ip ospf authentication-key ?
Encryption type (0 for not yet encrypted, 7 for proprietary)
LINE The OSPF password (key)
R1(config-if)#ip ospf authentication-key passbscitest
R1#show config
interface Serial0
ip address 172.12.123.1 255.255.255.0
encapsulation frame-relay
ip ospf authentication-key passbsci
I entered a 12-character password, but only the first eight are showing in the router configuration. The router failed to warn us that this particular password has a limit of eight characters. As of IOS 12.4, the router now warns the admin about this, but there are plenty of routers out there that aren’t running that recent a release!
Clear-text authentication is enabled with the ip ospf authentication command. IOS Help shows there is no specific command for clear-text authentication. (Null and clear-text authentication are not the same thing.)
R1(config)#int serial0
R1(config-if)#ip ospf authentication ?
message-digest Use message-digest authentication
null Use no authentication
To set clear-text authentication, just use the basic command with no options.
R1(config-if)#ip ospf authentication
About two minutes after entering that configuration, the preexisting adjacencies go down:
R1#
00:25:38: %OSPF-5-ADJCHG: Process 1, Nbr 172.12.123.2 on Serial0 from FULL to DOWN, Neighbor Down: Dead timer expired
R1#
00:25:58: %OSPF-5-ADJCHG: Process 1, Nbr 172.12.123.3 on Serial0 from FULL to DOWN, Neighbor Down: Dead timer expired
R1#
Until we configure the spoke routers with the same config, the adjacencies will stay down – so let’s get those spokes configured!
R2(config)#interface serial0
R2(config-if)#ip ospf authentication-key passbsci
R2(config-if)#ip ospf authentication
R3(config)#interface serial0
R3(config-if)#ip ospf authentication-key passbsci
R3(config-if)#ip ospf authentication
On R1, show ip ospf neighbor verifies that the adjacencies are back up.
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.12.123.3 0 FULL/DROTHER 00:01:58 172.12.123.3 Serial0
172.12.123.2 0 FULL/DROTHER 00:01:37 172.12.123.2 Serial0
Now that you know how to configure OSPF neighbor authentication in clear text, you need to learn how to use MD5 authentication, and that just happens to be the subject of my next CCNP BSCI 642-901 exam tutorial! See you then!
Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage (http://www.thebryantadvantage.com).
For his FREE seven-part course, “How To Pass The CCNA”, visit the website and sign up today! Daily free CCNA, CCNP, Network+, Security+, and A+ certification questions, too!
Article source: https://articlebiz.comRate article
Article comments
There are no posted comments.
Related articles
- Optimize Your Website for the Better Sight
- How To Develop & Implement A Network Security Plan
- Mastering VoIP: Overcoming Common Communication Challenges
- What Concerns Do Enterprises Have When Choosing Network Monitoring Software?
- Spectrum Router Red Light: Troubleshooting Guide and Solutions
- Web Development Made Easy: Why Outsourcing is the Smart Choice
- INTERNET OF THINGS
- Enhancing Business Communication with 3CX: A Powerful Unified Communications Solution
- How to Fix "No Signal, Please Check Your Antenna Connection" Error
- AN INTRODUCTION TO INTERNET MARKETING
- Passwordless is the New Cyber Security, Emir Ceric’s Meveto Transform Verification, Logging In and Remote Sign Out
- The Ultimate Guide to Master YouTube and Monetization
- Preventing data theft in an enterprise environment
- The Art Of Cold Calling [Mastery In Seven Simple Steps]
- Quantum Computing and the future of IT Security
- 5G TECHNOLOGY AND IOT: HOW DO THESE TRENDS RELATE?
- SkyVPN Launches New Gaming Servers with Dedicated Servers for PUBG
- Smm reseller panel
- Steps to Transfer Files Using Kindle Desktop Application
- Save time on your FTP updates with FTPGetter Professional
- Add a file hosting and sharing service to your site with YetiShare
- MCS Multicast Switch for Next Generation ROADM
- Business Networking Tips for Beginners
- Using Virtual Serial Ports in Proteus
- Network Security Checklist for All Types of Businesses
- Create Your Own File-Hosting Website with YetiShare
- Cat5 cable vs Cat6 Cables: What are the Contrast?
- Automate FTP Downloads and Uploads with FTPGetter Professional
- On Demand Freelance Marketplace For Field Engineers
- Cisco Network Infrastructure Services in San Francisco