HP 3500YL User Manual

IP Routing Features

Configuring OSPF

OSPF MD5 Authentication on a Virtual Link.

Syntax: ip ospf md5-auth-key-chain < chain-name-string >

no ip ospf [ ip-address ] authentication

Used to configure MD5 authentication in the router OSPF
context on both ABRs in a virtual link . The MD5
authentication takes effect immediately, and all OSPF packets
transmitted on the link contain the designated key. Every
OSPF packet received on the interface for the virtual link on
each ABR is checked for the key. If it is not present, then the
packet is dropped. To disable MD5 authentication on an ABR
interface used for a virtual link, use the

no form of the

command. The password must be the same on both ABRs on a
given virtual link.

Note: Before using this authentication option, you must
configure one or more key chains on the routing switch by
using the Key Management System (KMS) described in the
chapter titled “Key Management System” in the Access
Security Guide for your routing switch.

[ ip-address ]: For an ABR in a given virtual link, this is the IP
address used to create the link on that ABR. (This IP address
matches the IP address of the interface on the opposite end of
the virtual link. Refer to the description of

< ip-address > in the

syntax description under “Configuring a Virtual Link” on
page 5-89.).
< chain-name-string >: The name of a key generated using the
key-chain < chain_name > key < key_id > command. To change the
MD5 authentication configured on a virtual link, re-execute
the command with the new MD5 key.

Note: To replace the MD5 method with the password method
on a virtual link, overwrite the MD5 configuration by using
the password form of the command shown under “OSPF
Password Authentication on a Virtual Link” on page 5-94. (It
is not necessary to disable the currently configured OSPF MD5
authentication.)

Default: Disabled

5-95