authentication key-chain

Use this command to configure IS-IS authentication key chain for this device.

Syntax

authentication key-chain keychain [level-1 | level-1-2 | level-2]
no authentication key-chain keychain [level-1 | level-1-2 | level-2]

Parameters

keychain Specifies the name of the key chain. Valid values are up to 16 alpha-numeric characters.
level-1 (Optional) Specifies that the key chain configuration should be restricted to level 1.
level-1-2 (Optional) Specifies that the key chain configuration should be applied to both level 1 and level 2.
level-2 (Optional) Specifies that the key chain configuration should be restricted to level 2.

Defaults

If no option is specified, the key chain is applied to both level 1 and level 2.

Mode

IS-IS router configuration.

Usage

Configuring a device key chain enables authentication on the device.

A key chain or area and domain passwords can be configured for the device, but not both a key chain and any password. If either an area or domain password is configured for the device, it must be removed before attempting to configure a device key chain. The device key chain can be overridden by configuring either a key chain or a password on the interface. A device level key chain can coexist with an interface password because the interface is checked first, and if either an interface key chain or password exist, the device level configuration is not checked.

The “no” form of this command removes the authentication key-chain configuration.

Example

This example shows how to configure the IS-IS authentication key chain to keychainlv1 and restricts the key chain configuration to level 1:

System(rw)->configure
System(rw-config)->router isis
System(rw-config-isis)->authentication keychain keychainlv1 level-1
System(rw-config-isis)->