Dell Force10 S4810P Reference Manual page 1211

Parameters
area
ipsec spi
MD5 | SHA1
key-encryption-
type
key
Defaults Not configured.
Command Modes ROUTER OSPFv3
Command History
Version 9.1.(0.0)
Version 8.4.2.0
Usage
Before you enable IPsec authentication on an OSPFv3 area, you must first enable OSPFv3
Information
globally on
the router. You must configure the same authentication policy (same SPI and key) on each
interface in
an OSPFv3 link.
An SPI number must be unique to one IPsec security policy (authentication or encryption) on
the
router.
If you have enabled IPsec encryption in an OSPFv3 area with the area encryption command,
you
cannot use the area authentication command in the area at the same time.
The configuration of IPsec authentication on an interface-level takes precedence over an
area-level
configuration. If you remove an interface configuration, an area authentication policy that has
been
configured is applied to the interface.
To remove an IPsec authentication policy from an OSPFv3 area, enter the no area area-id
authentication spi
area-id
Area for which OSPFv3 traffic is to be authenticated. For area-id, you
can enter a number.
The range is 0 to 4294967295.
number
Security Policy index (SPI) value that identifies an IPsec security
policy.
The range is 256 to 4294967295.
Authentication type: Message Digest 5 (MD5) or Secure Hash
Algorithm 1 (SHA-1).
(OPTIONAL) Specifies if the key is encrypted.
The values are 0 (key is not encrypted) or 7 (key is encrypted).
Text string used in authentication.
For MD5 authentication, the key must be 32 hex digits (non-
encrypted) or 64 hex digits (encrypted).
For SHA-1 authentication, the key must be 40 hex digits (non-
encrypted) or 80 hex digits (encrypted).
Introduced on the S4810 and Z9000.
Introduced on the E-Series TeraScale.
number command.
1211