Authentication can be set both globally to authenticate between IS-IS domains and areas. Authentication can be set in interface configuration mode for authentication between intermediate systems within an area. Authentication is enabled in global configuration mode by assigning an area password. Authentication is enabled in interface configuration mode by assigning an IS-IS password.
Use the domain-password command to enable domain authentication at the intermediate system global level.
Use the area-password command to enable area authentication at the intermediate system global level.
Use the isis password command to enable authentication in interface configuration mode.
The authentication mode can be set at either the global or interface mode to either MD5 or text. Specify the IS-IS level of the intermediate system or interface when configuring authentication mode.
Use the authentication-mode command in global configuration mode to set the authentication mode at the intermediate system global level.
Use the isis authentication-mode command in interface configuration mode to set the authentication mode at the interface level.
A configured key-chain can be applied to IS-IS authentication in either a global or interface context.
Use the authentication key-chain command in IS-IS configuration mode to apply a key chain to IS-IS authentication for the intermediate system.
Use the isis authentication key-chain command in interface configuration mode to apply a key chain to IS-IS authentication in an interface context.
Authentication can be configured for send frames only at both the global and interface level. When configured, no authentication will be performed on received frames for the configured context.
Use the authentication send-only command to configure IS-IS to only include authentication on frames sent by the intermediate system.
Use the isis authentication send-only command in interface configuration mode to configure IS-IS to only include authentication on frames sent by the interface.