To do...
Enter system view
Enter interface view
Specify the authentication mode
and password
NOTE:
The level-1 and level-2 keywords are configurable on an interface that has IS-IS enabled.
•
If you configure an authentication mode and a password without specifying a level, the authentication
•
mode and password apply to both Level-1 and Level-2.
•
If neither ip nor osi is specified, the OSI related fields in LSPs are checked.
Configuring area authentication
Area authentication enables a router not to install routing information from untrusted routers into the
Level- 1 LSDB. The router encapsulates the authentication password in the specified mode into Level- 1
packets (LSP, CSNP, and PSNP) and checks the password in received Level- 1 packets.
Routers in a common area must have the same authentication mode and password.
Follow these steps to configure area authentication:
To do...
Enter system view
Enter IS-IS view
Specify the area authentication
mode and password
Configuring routing domain authentication
Routing domain authentication prevents untrusted routing information from entering into a routing
domain. A router with the authentication configured encapsulates the password in the specified mode
into Level-2 packets (LSP, CSNP, PSNP) and check the password in received Level-2 packets.
All the routers in the backbone must have the same authentication mode and password.
Follow these steps to configure routing domain authentication:
To do...
Enter system view
Enter IS-IS view
Specify the routing domain
authentication mode and
password
Use the command...
system-view
interface interface-type interface-number
isis authentication-mode { md5 | simple }
password [ level-1 | level-2 ] [ ip | osi ]
Use the command...
system-view
isis [ process-id ] [ vpn-instance
vpn-instance-name ]
area-authentication-mode { md5 |
simple } password [ ip | osi ]
Use the command...
system-view
isis [ process-id ] [ vpn-instance
vpn-instance-name ]
domain-authentication-mode
{ md5 | simple } password [ ip |
osi ]
159
Remarks
—
—
Required
Not authentication is
configured by default.
Remarks
—
—
Required
No area authentication is
configured by default.
Remarks
—
—
Required
No routing domain authentication
is configured by default.