程序员人生 网站导航

OSPF路由认证(邻居、区域、虚链路)

栏目:服务器时间:2013-10-15 09:38:53

简单记录一下,没什么特别的。

OSPF认证实验方案:

1、R1与R2进行邻居md5认证

2、area 2进行区域md5认证

3、R1与R2之间创建基于area1的虚链路,进行虚链路md5认证

R1主要配置信息:

!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
ip ospf authentication message-digest //在接口上启用OSPF邻居md5认证
ip ospf message-digest-key 1 md5 cisco //在接口上配置OSPF邻居认证密钥
ip ospf 1 area 1
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
area 1 virtual-link 2.2.2.2 authentication message-digest //在虚链路上启用md5认证
area 1 virtual-link 2.2.2.2 message-digest-key 1 md5 vlink //创建虚链路并配置OSPF虚链路认证密钥
!

R2主要配置信息:

!
interface FastEthernet0/0
ip address 192.168.1.2 255.255.255.0
ip ospf authentication message-digest //在接口上启用OSPF邻居md5认证
ip ospf message-digest-key 1 md5 cisco //在接口上配置OSPF邻居认证密钥
ip ospf 1 area 1
!
interface FastEthernet1/0
ip address 192.168.2.1 255.255.255.0
ip ospf message-digest-key 1 md5 area //在区域所属接口上配置区域认证密钥
ip ospf 1 area 2
!
router ospf 1
router-id 2.2.2.2
log-adjacency-changes
area 1 virtual-link 1.1.1.1 authentication message-digest //在虚链路上启用md5认证
area 1 virtual-link 1.1.1.1 message-digest-key 1 md5 vlink //创建虚链路并配置OSPF虚链路认证密钥
area 2 authentication message-digest //在area2上配置OSPF区域md5认证
!

R3主要配置信息:

!
interface FastEthernet0/0
ip address 192.168.2.2 255.255.255.0
ip ospf message-digest-key 1 md5 area //在区域所属接口上配置区域认证密钥
ip ospf 1 area 2
!
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
area 2 authentication message-digest //在area2上配置OSPF区域md5认证
!

------分隔线----------------------------
------分隔线----------------------------

最新技术推荐