Dell Force10 S25N-S50N FTOS Command Line Reference Guide FTOS 8.4.2.7 E-Series - Page 1064
area authentication
View all Dell Force10 S25N-S50N manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 1064 highlights
www.dell.com | support.dell.com area authentication e t Configure an IPsec authentication policy for OSPFv3 packets in an OSPFv3 area. Syntax area area-id authentication ipsec spi number {MD5 | SHA1} [key-encryption-type] key Parameters area area-id ipsec spi number MD5 | SHA1 key-encryption-type key Area for which OSPFv3 traffic is to be authenticated. For area-id, you can enter a number or an IPv6 prefix. Security Policy index (SPI) value that identifies an IPsec security policy. Range: 256 to 4294967295. Authentication type: Message Digest 5 (MD5) or Secure Hash Algorithm 1 (SHA-1). (OPTIONAL) Specifies if the key is encrypted. Valid values: 0 (key is not encrypted) or 7 (key is encrypted). Text string used in authentication. For MD5 authentication, the key must be 32 hex digits (non-encrypted) or 64 hex digits (encrypted). For SHA-1 authentication, the key must be 40 hex digits (non-encrypted) or 80 hex digits (encrypted). Default Not configured. Command Modes ROUTER OSPFv3 Command History Version 8.4.2.0 Introduced Usage Information Before you enable IPsec authentication on an OSPFv3 area, you must first enable OSPFv3 globally on the router. You must configure the same authentication policy (same SPI and key) on each interface in an OSPFv3 link. An SPI number must be unique to one IPsec security policy (authentication or encryption) on the router. If you have enabled IPsec encryption in an OSPFv3 area with the area encryption command, you cannot use the area authentication command in the area at the same time. The configuration of IPsec authentication on an interface-level takes precedence over an area-level configuration. If you remove an interface configuration, an area authentication policy that has been configured is applied to the interface. To remove an IPsec authentication policy from an OSPFv3 area, enter the no area area-id authentication spi number command. Related Commands ipv6 ospf authentication show crypto ipsec policy Configure an IPsec authentication policy on an OSPFv3 interface. Display the configuration of IPsec authentication policies. 1064 | Open Shortest Path First (OSPFv2 and OSPFv3)