简单记录一下,没什么特别的。
OSPF认证实验方案:
1、R1与R2进行邻居md5认证
2、area 2进行区域md5认证
3、R1与R2之间创建基于area1的虚链路,进行虚链路md5认证
R1主要配置信息:
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
ip ospf authentication message-digest //在接口上启用OSPF邻居md5认证
ip ospf message-digest-key 1 md5 cisco //在接口上配置OSPF邻居认证密钥
ip ospf 1 area 1
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
area 1 virtual-link 2.2.2.2 authentication message-digest //在虚链路上启用md5认证
area 1 virtual-link 2.2.2.2 message-digest-key 1 md5 vlink //创建虚链路并配置OSPF虚链路认证密钥
!
R2主要配置信息:
!
interface FastEthernet0/0
ip address 192.168.1.2 255.255.255.0
ip ospf authentication message-digest //在接口上启用OSPF邻居md5认证
ip ospf message-digest-key 1 md5 cisco //在接口上配置OSPF邻居认证密钥
ip ospf 1 area 1
!
interface FastEthernet1/0
ip address 192.168.2.1 255.255.255.0
ip ospf message-digest-key 1 md5 area //在区域所属接口上配置区域认证密钥
ip ospf 1 area 2
!
router ospf 1
router-id 2.2.2.2
log-adjacency-changes
area 1 virtual-link 1.1.1.1 authentication message-digest //在虚链路上启用md5认证
area 1 virtual-link 1.1.1.1 message-digest-key 1 md5 vlink //创建虚链路并配置OSPF虚链路认证密钥
area 2 authentication message-digest //在area2上配置OSPF区域md5认证
!
R3主要配置信息:
!
interface FastEthernet0/0
ip address 192.168.2.2 255.255.255.0
ip ospf message-digest-key 1 md5 area //在区域所属接口上配置区域认证密钥
ip ospf 1 area 2
!
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
area 2 authentication message-digest //在area2上配置OSPF区域md5认证
!