Saturday, February 19, 2011

Lab 7 - OSPF Authentication

Prerequisites: CCNP level skills.

Note!
Routers use OSPF configuration from the lab 6.

Topology


Pic. 1 - OSPF Multi-Area Topology.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

Task List

Configuring authentication use the password: 'cisco'.

Task 1
All loopback addresses should be advertised with their configured network mask (/24).

Task 2
Configure the strongest OSPF authentication between R2 and R3. On R3, enable authentication under the routing process (config-router) but make sure there is no OSPF authentication between R1 and R3.

Task 3
Enable Simple Password OSPF authentication in the area 1. R4 should have OSPF authentication enabled on F1/0 interface but not in the 'config-router' context. 

Lab Solution

Task 1
On all loopback interfaces (all routers should already be configured with this as per lab 6):

All loopback addresses should be advertised with their configured network mask (/24). 

!
interface loopbackX
ip ospf network point-to-point
!

Task 2
Configure the strongest OSPF authentication between R2 and R3. On R3, enable authentication under the routing process (config-router) but make sure there is no OSPF authentication between R1 and R3.

R2 Configuration:
!
interface Serial0/2
 ip address 10.1.23.2 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 cisco
!

R3 Configuration:
!
router ospf 1
 router-id 3.3.3.3
 log-adjacency-changes
 area 0 authentication message-digest
 network 0.0.0.0 255.255.255.255 area 0
!
interface Serial0/1
 ip address 10.1.13.3 255.255.255.0
 ip ospf authentication null
!
interface Serial0/2
 ip address 10.1.23.3 255.255.255.0
 ip ospf message-digest-key 1 md5 cisco
!

Task 3
Enable Simple Password OSPF authentication in the area 1. R4 should have OSPF authentication enabled on F1/0 interface but not in the 'config-router' context.

R1 Configuration:
!
router ospf 1
 router-id 1.1.1.1
 log-adjacency-changes
 area 1 authentication
 network 10.1.13.1 0.0.0.0 area 0
 network 10.1.124.1 0.0.0.0 area 1
 network 172.16.101.1 0.0.0.0 area 0
!
interface FastEthernet1/0
 ip address 10.1.124.1 255.255.255.0
 ip ospf authentication-key cisco
 ip ospf priority 20
!

R2 Configuration:
!
router ospf 1
 router-id 2.2.2.2
 log-adjacency-changes
 area 1 authentication
 network 10.1.23.2 0.0.0.0 area 0
 network 10.1.124.2 0.0.0.0 area 1
 network 172.16.102.2 0.0.0.0 area 0
!
interface FastEthernet1/0
 ip address 10.1.124.2 255.255.255.0
 ip ospf authentication-key cisco
 ip ospf priority 10
!

R4 Configuration:
!
router ospf 1
 router-id 4.4.4.4
 log-adjacency-changes
 network 0.0.0.0 255.255.255.255 area 1
!
interface FastEthernet1/0
 ip address 10.1.124.4 255.255.255.0
 ip ospf authentication
 ip ospf authentication-key cisco
!

Verification
All routers should be fully adjacent with their neighbors (should be checked after every task)!

#show ip ospf neigbhor