登录站点

用户名

密码

OSPF(五): 基于链路的OSPF简单口令认证

已有 1681 次阅读  2013-09-28 01:07   标签OSPF  链路认证  简单认证 

1、配置路由器R1
R1(config)#int lo 0
R1(config-if)#ip add 1.1.1.1 255.255.255.0
R1(config-if)#int s0/0
R1(config-if)#no shut
R1(config-if)#ip add 192.168.12.1 255.255.255.0
R1(config-if)#exit
R1(config)#router ospf 110
R1(config-router)#router-id 1.1.1.1
R1(config-router)#net 1.1.1.1 0.0.0.255 a 0
R1(config-router)#net 192.168.12.0 0.0.0.255 a 0
R1(config)#int s0/0
R1(config-if)#ip ospf authentication    //链路启用简单口令认证
R1(config-if)#ip ospf authentication-key cisco   //配置认证密码
 
2、配置路由器R2
R2(config)#int lo 0
R2(config-if)#ip add 2.2.2.2 255.255.255.0
R2(config-if)#int s0/0
R2(config-if)#no shut
R2(config-if)#ip add 192.168.12.2 255.255.255.0
R2(config-if)#exit
R2(config)#router ospf 110
R2(config-router)#router-id 2.2.2.2
R2(config-router)#net 2.2.2.2 0.0.0.255 a 0
R2(config-router)#net 192.168.12.0 0.0.0.255 a 0
R2(config)#int s0/0
R2(config-if)#ip ospf authentication
R2(config-if)#ip ospf authentication-key cisco
 
3、show ip ospf interface
R1#sh ip ospf interface
Serial0/0 is up, line protocol is up
  Internet Address 192.168.12.1/24, Area 0
  Process ID 110, Router ID 1.1.1.1, Network Type POINT_TO_POINT, Cost: 64
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    Hello due in 00:00:06
  Supports Link-local Signaling (LLS)
  Index 2/2, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 2.2.2.2
  Suppress hello for 0 neighbor(s)
  Simple password authentication enabled
  //以上输出最后两行信息表明该接口启用简单口令认证。
Loopback0 is up, line protocol is up
  Internet Address 1.1.1.1/24, Area 0
  Process ID 110, Router ID 1.1.1.1, Network Type LOOPBACK, Cost: 1
  Loopback interface is treated as a stub Host
 
PS:①如果R1的s0/0接口启动简单口令认证,而R2的s0/0接口没有启动认证,则R2上出现下面的信息:
*Sep 6 13:43:35.707: OSPF: Rcv pkt from 192.168.12.1, Serial0/0 : Mismatch Authentication type. Input packet specified type 1, we use type 0
②如果R1和R2的s0/0接口都启动简单口令认证,但是R2的接口下没有配置认证密码或密码错误,则R2上出现下面的信息:
*Sep 6 13:45:23.074: OSPF: Rcv pkt from 192.168.12.1, Serial0/0 :Mismatch Authentication Key-Clear Text
分享 举报