Table of Contents
Advertisement
Configuring Authentication of CSNPs and PSNPs
area-authentication
domain-authentication
Copyright © 2010, Juniper Networks, Inc.
Use to configure HMAC MD5 authentication for a domain.
Generates a secure, encrypted message digest of level 2 packets (LSPs, CSNPs, and
PSNPs) and inserts the digest into the packet from which it is created.
Issuing this command enables MD5 authentication of level 2 LSPs only. To enable MD5
authentication of level 2 CSNPs or PSNPs, use the domain-authentication command.
You can specify whether the key is entered in unencrypted or encrypted format. If you
do not specify which, the string is assumed to be unencrypted.
Example
host1(config-router)#domain-message-digest-key 4 hmac-md5 4bFjt7es
Use the no version to delete the MD5 key specified by the key ID.
See domain-message-digest-key
You must enable and disable authentication of CSNP packets and PSNP packets
separately from authentication of LSP packets.
Use to enable or disable (suppress) simple authentication or HMAC MD5 authentication
of IS-IS level 1 CSNP packets or PSNP packets.
When authentication is enabled, it uses either the simple text password specified by
the area-authentication-key command, or the HMAC MD5 key specified by the
area-message-digest-key command.
You must specify either the csnp keyword to enable authentication of level 1 CSNP
packets, or the psnp keyword to enable authentication of level 1 PSNP packets.
Example
host1(config-router)#area-authentication csnp
Use the no version to restore the default behavior, in which authentication of level 1
CSNPs and PSNPs is disabled. When authentication of level 1 CSNPs or PSNPs is
suppressed, the router does not authenticate these packets when it receives them,
nor does it send authentication information in these packets when it transmits them.
See area-authentication
Use to enable or disable (suppress) simple authentication or HMAC MD5 authentication
of IS-IS level 2 CSNP packets or PSNP packets.
When authentication is enabled, it uses either the simple text password specified by
the domain-authentication-key command, or the HMAC MD5 key specified by the
domain-message-digest-key command.
You must specify either the csnp keyword to enable authentication of level 2 CSNP
packets, or the psnp keyword to enable authentication of level 2 PSNP packets.
Chapter 6: Configuring IS-IS
349
Advertisement
Table of Contents
Need help?
Do you have a question about the JUNOSE SOFTWARE FOR E SERIES 11.3.X - IP-IPV6-IGP CONFIGURATION GUIDE 2010-10-31 and is the answer not in the manual?
Questions and answers