思科OSPF区域认证

命令：--------------------------------

1、明码认证：
Router1(config)# area [区域ID] authentication
Router1(config)# int 接口
Router1(config-if)# ip ospf authentication-key [密码]

2、加密认证(MD5)：
Router1(config)# area [区域ID] authentication message-digest
Router1(config)# int 接口
Router1(config-if)# ip ospf message-digest-key [Key-ID] authentication [密码] //Key-ID：密匙链ID,取值1－255,验证双方需一样

具体实例：----------------------------

连接如图

 

                        区域0 明文认证        区域1 MD5认证

R1 的配置如下

interface Loopback0

ip address 1.1.1.1 255.255.255.0

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0

no ip address

shutdown

no fair-queue

serial restart-delay 0

!

interface Serial1/1

ip address 12.1.1.1 255.255.255.0

ip ospf authentication-key 123

serial restart-delay 0

clock rate 64000

!

interface Serial1/2

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!

router ospf 1

log-adjacency-changes

area 0 authentication

network 1.1.1.1 0.0.0.0 area 0

network 12.1.1.1 0.0.0.0 area 0

!

ip classless

ip http server

!

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

login

!

end

 

R2 的配置如下：

 

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0

ip address 12.1.1.2 255.255.255.0

ip ospf authentication-key 123

serial restart-delay 0

clock rate 64000

!

interface Serial1/1

ip address 23.1.1.1 255.255.255.0

ip ospf authentication-key 1 md5 123

serial restart-delay 0

clock rate 64000

!

interface Serial1/2

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!        

router ospf 1

log-adjacency-changes

area 0 authentication

area 1 authentication message-digest

network 12.1.1.2 0.0.0.0 area 0

network 23.1.1.1 0.0.0.0 area 1

!

ip classless

ip http server

!

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

login

!

end

 

R3 的配置如下：

 

interface Loopback0

ip address 3.3.3.3 255.255.255.0

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0

ip address 23.1.1.2 255.255.255.0

ip ospf authentication-key 1 md5 123

serial restart-delay 0

clock rate 64000

!

interface Serial1/1

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/2

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!

router ospf 1

log-adjacency-changes

area 1 authentication message-digest

network 3.3.3.3 0.0.0.0 area 1

network 23.1.1.2 0.0.0.0 area 1

!

ip classless

ip http server

!

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

login

!

end