Reset Search
 

 

Article

How to secure ospf with an authentication simple-password

« Go Back

Information

 
TitleHow to secure ospf with an authentication simple-password
Objective
Securing OSPF neighbor's with authentication using a simple password.
Environment
  • OSPF
  • EXOS
  • Authentication
Procedure
Configuring OSPF securely is a OSPF area specific command.  Configure OSPF as you normally would, and use the blow command to enable security.

#configure ospf area <area-identifier> authentication simple-password <simple-password>


Example Topology:
User-added image

Sw1 Configuration:

configure "Default" ipaddress 1.1.1.1/30
enable ipforwarding vlan "Default"
configure ospf add def area 0.0.0.0 link-type point-to-point
configure ospf area 0.0.0.0 authentication simple-password secure
enable ospf



Sw2 Configuration:

configure "Default" ipaddress 1.1.1.2/30
enable ipforwarding vlan "Default"
configure ospf add def area 0.0.0.0 link-type point-to-point
configure ospf area 0.0.0.0 authentication simple-password secure
enable ospf
Additional notes
Switch1 # show ospf

OSPF                : Enabled          MPLS LSP as Next-Hop: No
RouterId            : 1.1.1.1          RouterId Selection  : Automatic
ASBR                : No               ABR                 : No
ExtLSA              : 0                ExtLSAChecksum      : 0x0
OriginateNewLSA     : 2                ReceivedNewLSA      : 2
SpfHoldTime         : 3                Lsa Batch Interval  : 30s
CapabilityOpaqueLSA : Enabled
10M Cost            : 10               100M Cost           : 5
1000M Cost (1G)     : 4                10000M Cost (10G)   : 2
40000M Cost (40G)   : 2
100000M Cost (100G) : 1
Router Alert        : Disabled         Import Policy File  :
ASExternal LSALimit : Disabled         Timeout (Count)     : Disabled (0)
Originate Default   : Disabled
SNMP Traps          : Disabled
VXLAN Extensions    : Disabled
Redistribute:
Protocol              Status   cost  Type Tag        Policy
direct                Disabled 0     0    0          None
static                Disabled 0     0    0          None
rip                   Disabled 0     0    0          None
e-bgp                 Disabled 0     0    0          None
i-bgp                 Disabled 0     0    0          None
isis-level-1          Disabled 0     0    0          None
isis-level-2          Disabled 0     0    0          None
isis-level-1-external Disabled 0     0    0          None
isis-level-2-external Disabled 0     0    0          None
host-mobility         Disabled 0     0    0          None


* Switch1.13 # show ospf area 0.0.0.0
Area: 0.0.0.0 Type: Normal
Router Id: 1.1.1.1
Spf Runs: 3 Num ABR: 0 Num ASBR: 0 Num LSA: 2 LSA Chksum:0x10946
Interfaces:
   IP addr          Ospf  State     DR IP addr      BDR IP addr
1.1.1.1        /30   E    P2P       0.0.0.0         0.0.0.0
Inter-Area route Filter:
External route Filter:
Configured Address Ranges:


* Switch1 .14 # show ospf neighbor
Neighbor ID     Pri State              Up/Dead Time             Address         Interface
          BFD Session State
==========================================================================================
1.1.1.2           1 FULL      /DROTHER 00:00:10:32/00:00:00:02  1.1.1.2         Default
          None

Total number of neighbors: 1 (All neighbors in Full state)

* Switch1.15 #

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255