思科OSPF区域认证命令:--------------------------------
1、明码认证:
Router1(config)# area [区域ID] authentication
Router1(config)# int 接口
Router1(config-if)# ip ospf authentication-key [密码]
2、加密认证(MD5):
Router1(config)# area [区域ID] authentication message-digest
Router1(config)# int 接口
Router1(config-if)# ip ospf message-digest-key [Key-ID] authentication [密码] //Key-ID:密匙链ID,取值1-255,验证双方需一样
具体实例:----------------------------
连接如图 区域0 明文认证 区域1 MD5认证
R1 的配置如下
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
no ip address
shutdown
no fair-queue
serial restart-delay 0
!
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
ip ospf authentication-key 123
serial restart-delay 0
clock rate 64000
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
area 0 authentication
network 1.1.1.1 0.0.0.0 area 0
network 12.1.1.1 0.0.0.0 area 0
!
ip classless
ip http server
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
end
R2 的配置如下:
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
ip ospf authentication-key 123
serial restart-delay 0
clock rate 64000
!
interface Serial1/1
ip address 23.1.1.1 255.255.255.0
ip ospf authentication-key 1 md5 123
serial restart-delay 0
clock rate 64000
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
area 0 authentication
area 1 authentication message-digest
network 12.1.1.2 0.0.0.0 area 0
network 23.1.1.1 0.0.0.0 area 1
!
ip classless
ip http server
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
end
R3 的配置如下:
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
ip address 23.1.1.2 255.255.255.0
ip ospf authentication-key 1 md5 123
serial restart-delay 0
clock rate 64000
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
area 1 authentication message-digest
network 3.3.3.3 0.0.0.0 area 1
network 23.1.1.2 0.0.0.0 area 1
!
ip classless
ip http server
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
简体中文
英语
日语
韩语
法语
西班牙语
越南语
泰语
阿拉伯语
俄语
葡萄牙语
德语
意大利语
希腊语
荷兰语
波兰语
保加利亚语
爱沙尼亚语
丹麦语
芬兰语
捷克语
罗马尼亚语
斯洛文尼亚语
瑞典语
匈牙利语
繁体中文
文言文
发表于 2010-6-22 11:20:30
置顶卡
喧嚣卡
变色卡
千斤顶
发表于 2010-6-22 11:28:02
发表于 2010-7-28 15:03:56
