148
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enter interface view.
interface
interface-type
interface-number
N/A
3. Specify the authentication
mode and password.
isis authentication-mode
{
gca
key-id
{
hmac-sha-1
|
hmac-sha-224
|
hmac-sha-256
|
hmac-sha-384
|
hmac-sha-512
} |
md5
|
simple
}
{
cipher
cipher-string |
plain
plain-string } [
level-1
|
level-2
] [
ip
|
osi
]
By default, no
authentication is
configured.
Configuring area authentication
Area authentication prevents the router from installing routing information from untrusted routers into
the Level-1 LSDB. The router encapsulates the authentication password in the specified mode in
Level-1 packets (LSP, CSNP, and PSNP) and checks the password in received Level-1 packets.
Routers in a common area must have the same authentication mode and password.
To configure area authentication:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enter IS-IS view.
isis
[ process-id ] [
vpn-instance
vpn-instance-name ]
N/A
3. Specify the area
authentication mode and
password.
area-authentication-mode
{
gca
key-id
{
hmac-sha-1
|
hmac-sha-224
|
hmac-sha-256
|
hmac-sha-384
|
hmac-sha-512
} |
md5
|
simple
}
{
cipher
cipher-string |
plain
plain-string } [
ip
|
osi
]
By default, no area authentication
is configured.
Configuring routing domain authentication
Routing domain authentication prevents untrusted routing information from entering into a routing
domain. A router with the authentication configured encapsulates the password in the specified
mode into Level-2 packets (LSP, CSNP, and PSNP) and check the password in received Level-2
packets.
All the routers in the backbone must have the same authentication mode and password.
To configure routing domain authentication:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enter IS-IS view.
isis
[ process-id ] [
vpn-instance
vpn-instance-name ]
N/A
To Next Page
Loading...
