C613-50631-01 Rev A Command Reference for IE340 Series 1247
AlliedWare Plus™ Operating System - Version 5.5.3-0.x
OSPFV3 FOR IPV6 COMMANDS
IPV
6 OSPF AUTHENTICATION SPI
See the OSPFv3 Feature Overview and Configuration Guide for more information
and examples.
NOTE: You can configure an authentication security policy (SPI) on an interface with
this command, or an OSPFv3 area with the area authentication ipsec spi command.
When you configure authentication for an area, the security policy is applied to all
interfaces in the area. Allied Telesis recommends a different authentication security
policy is applied to each interface for higher security.
If you apply the ipv6 ospf authentication null command, this affects authentication
configured on both the interface and the OSPFv3 area.
This is due to OSPFv3 hello messages ingressing interfaces, which are part of area
authentication, not being authenticated. So neighbors time out.
Example To enable SHA-1 authentication with a 40 hexadecimal character key for interface
VLAN 2, use the commands:
awplus# configure terminal
awplus(config)# interface vlan2
awplus(config-if)# ipv6 ospf authentication ipsec spi 1000 sha1
1234567890ABCDEF1234567890ABCDEF12345678
To specify no authentication is applied to interface VLAN 2, use the commands:
awplus# configure terminal
awplus(config)# interface vlan2
awplus(config-if)# ipv6 ospf authentication null
To disable authentication for interface VLAN 2, use the commands:
awplus# configure terminal
awplus(config)# interface vlan2
awplus(config-if)# no ipv6 ospf authentication ipsec spi 1000
Related
commands
area authentication ipsec spi
area encryption ipsec spi esp
ipv6 ospf encryption spi esp
show ipv6 ospf interface
To Next Page
Loading...
Need help?
General
