area virtual-link authentication
(OSPFv3)
Syntax
area
{
ip-addr
|
decimal
}
virtual-link
E.F.G.H
authentication
spi
spi-value
{
ah
|
esp
null
}
{
hmac-md5
|
hmac-sha1
}
key
key
no area
{
A.B.C.D
|
decimal
}
virtual-link
E.F.G.H
authentication
spi
spi
Command Default
Authentication is not enabled on a virtual-link.
Parameters
-
ip-addr
- Area address in IP address format.
-
decimal
- Area address in decimal format.
-
E.F.G.H
- ID of the OSPFv3 device at the remote end of the virtual link.
-
spi
spi-value
-
Specifies the security policy index (SPI) value. Valid values range from decimal numbers 512 through 4294967295
-
ah
- Specifies authentication header (ah) as the protocol to provide packet-level security.
-
esp
- Specifies Encapsulating Security Payload (ESP) as the protocol to provide packet-level security.
- null
- Specifies that the ESP payload is not encrypted.
-
hmac-md5
-
Enables Hashed Message Authentication Code (HMAC) Message Digest 5 (MD5) authentication on the OSPF area.
-
hmac-sha1
-
Enables HMAC Secure Hash Algorithm 1 (SHA-1) authentication on the OSPF area.
-
key
key
- Number used in the calculation of the message digest. 40 hexadecimal character key. The 40 hexadecimal character key is encrypted by default.
Modes
OSPFv3 router configuration mode
OSPFv3 router VRF configuration mode
Usage Guidelines
Enter
no area
{
A.B.C.D
|
decimal
}
virtual-link
E.F.G.H
authentication
spi
spi to remove authentication from the virtual-links in the area.
Examples
The following example configures IPsec on a virtual link in an OSPFv3 area.
device# configure terminal
device(config)# ip router-id 10.1.2.2
device(config)# ipv6 router ospf
device(config-ipv6-router-ospf-vrf-default-vrf)# area 2 virtual-link 10.1.2.2 authentication spi 600 ah hmac-sha1 key 1134567890223456789012345678901234567890
