Authentication-Key Lsp-4 - Cisco Nexus 7000 Series Command Reference Manual

Nx-os lisp command reference

Hide thumbs Also See for Nexus 7000 Series:

Command reference manual (1018 pages)

Reference manual (746 pages)

Configuration manual (536 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

page of 198

/ 198
Contents
Table of Contents
Bookmarks

Table of Contents

authentication-key

S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m .

authentication-key

To configure the password used to create the SHA-1 HMAC hash for authenticating the Map-Register

message sent by an egress tunnel router (ETR) when registering to the Map-Server, use the

authentication-key command. To remove the password, use the no form of this command.

Syntax Description

key-type

password

None

Defaults

LISP site configuration mode

Command Modes

network-admin

Supported User Roles

vdc-admin

Command History

Release

5.0(1.13)

When a Locator/ID Separation Protocol (LISP) ETR registers with a Map-Server, the Map Server must

Usage Guidelines

already have been configured with certain LISP site attributes that match the ETR attributes. These

attributes include a shared password that is used to create the SHA-1 HMAC hash that the Map Server

uses to validate the authentication data in the Map-Register message. On the ETR, this password is

configured by using the ip lisp etr map-server and ipv6 lisp etr map-server command.

On the Map Server, the password is configured as part of the lisp site configuration process. To enter the

LISP site password, enter the authentication-key command in LISP site configuration mode. You can

enter the SHA-1 HMAC password in unencrypted (cleartext) form or encrypted form. To enter an

unencrypted password, specify a key-type value of 0. To enter a 3DES-encrypted password, specify a

key-type value of 3. To enter a Cisco-encrypted password, specify a key-type value of 7.

Map-Server authentication keys entered in cleartext form automatically are converted to Type 3

Caution

(encrypted) form.

Cisco Nexus 7000 Series NX-OS LISP Command Reference

LSP-4

authentication-key key-type password

no authentication-key key-type password

Key type that the following SHA-1 password is encoded using Type (0) indicates

that a cleartext password follows. Type (3) indicates that a 3DES encrypted key

follows, and Type (7) indicates that a Cisco Type 7 encrypted password follows.

Password used to create the SHA-1 HMAC hash when authenticating the

Map-Register message sent by the ETR.

Modification

This command was introduced.

Cisco Nexus 7000 Series LISP Commands

Table of Contents

Authentication-Key Lsp-4 - Cisco Nexus 7000 Series Command Reference Manual

Related Manuals for Cisco Nexus 7000 Series

Related Content for Cisco Nexus 7000 Series

Table of Contents