area virtual-link authentication (OSPFv3)

Enables authentication for virtual links in an OSPFv3 area.

Syntax

area { ip-addr | decimal } virtual-link E.F.G.H authentication spi spi-value { ah | esp null } { hmac-md5 | hmac-sha1 } key key
no area { A.B.C.D | decimal } virtual-link E.F.G.H authentication spi spi

Command Default

Authentication is not enabled on a virtual-link.

Parameters

ip-addr
Area address in IP address format.
decimal
Area address in decimal format.
E.F.G.H
ID of the OSPFv3 device at the remote end of the virtual link.
spi spi-value

Specifies the security policy index (SPI) value. Valid values range from decimal numbers 512 through 4294967295

ah
Specifies authentication header (ah) as the protocol to provide packet-level security.
esp
Specifies Encapsulating Security Payload (ESP) as the protocol to provide packet-level security.
null
Specifies that the ESP payload is not encrypted.
hmac-md5

Enables Hashed Message Authentication Code (HMAC) Message Digest 5 (MD5) authentication on the OSPF area.

hmac-sha1

Enables HMAC Secure Hash Algorithm 1 (SHA-1) authentication on the OSPF area.

key key
Number used in the calculation of the message digest. 40 hexadecimal character key. The 40 hexadecimal character key is encrypted by default.

Modes

OSPFv3 router configuration mode

OSPFv3 router VRF configuration mode

Usage Guidelines

Enter no area { A.B.C.D | decimal } virtual-link E.F.G.H authentication spi spi to remove authentication from the virtual-links in the area.

Examples

The following example configures IPsec on a virtual link in an OSPFv3 area. 

device# configure terminal
device(config)# ip router-id 10.1.2.2
device(config)# ipv6 router ospf
device(config-ipv6-router-ospf-vrf-default-vrf)# area 2 virtual-link 10.1.2.2 authentication spi 600 ah hmac-sha1 key 1134567890223456789012345678901234567890
9036689-01 Rev AA