OSPF认证的配置
2011-01-21 19:23
288 查看
实验拓扑图
![](http://img1.51cto.com/attachment/201101/192305363.png)
实验过程
1.R1的预配置
2.R2的预配置
3.R3的预配置
4.R4的预配置
5.R1的OSPF配置
6.R2的OSPF配置
7.R3的OSPF配置
8.R4的OSPF配置
9.测试连通性
10.查看OSPF邻居表
11.在R1上配置明文认证
12.在R2上配置明文认证
13.在R3上配置密文认证
14.在R4上配置密文认证
15.再次测试连通性
本文出自 “等待” 博客,请务必保留此出处http://mxn19871215.blog.51cto.com/982365/482993
![](http://img1.51cto.com/attachment/201101/192305363.png)
实验过程
1.R1的预配置
Router>en Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#no ip domain-lookup Router(config)#line console 0 Router(config-line)#no exec-timeout Router(config-line)#loggin syn Router(config-line)#exit Router(config)#host R1 R1(config)#int lo0 R1(config-if)#ip add 10.1.1.1 255.255.255.0 R1(config-if)#exit R1(config)#int lo1 R1(config-if)#ip add 10.1.2.1 255.255.255.0 R1(config-if)#exit R1(config)#int s0/0 R1(config-if)#no shut R1(config-if)#ip add 192.168.1.1 255.255.255.252 R1(config-if)#exit |
Router>en Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#no ip domain-lookup Router(config)#line console 0 Router(config-line)#no exec-timeout Router(config-line)#loggin syn Router(config-line)#exit Router(config)#host R2 R2(config)#int s0/0 R2(config-if)#no shut R2(config-if)#ip add 192.168.1.2 255.255.255.252 R2(config-if)#exit R2(config)#int s0/1 R2(config-if)#no shut R2(config-if)#ip add 192.168.1.5 255.255.255.252 R2(config-if)#exit |
Router>en Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#no ip domain-lookup Router(config)#line console 0 Router(config-line)#no exec-timeout Router(config-line)#loggin syn Router(config-line)#exit Router(config)#host R3 R3(config)#int s0/1 R3(config-if)#no shut R3(config-if)#ip add 192.168.1.6 255.255.255.252 R3(config-if)#exit R3(config)#int s0/2 R3(config-if)#no shut R3(config-if)#ip add 192.168.1.9 255.255.255.252 R3(config-if)#exit |
Router>en Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#no ip domain-lookup Router(config)#line console 0 Router(config-line)#no exec-timeout Router(config-line)#loggin syn Router(config-line)#exit Router(config)#host R4 R4(config)#int s0/2 R4(config-if)#no shut R4(config-if)#ip add 192.168.1.10 255.255.255.252 R4(config-if)#exit R4(config)#int lo0 R4(config-if)#ip add 172.16.1.1 255.255.255.0 R4(config-if)#exit R4(config)#int lo1 R4(config-if)#ip add 172.16.2.1 255.255.255.0 R4(config-if)#exit |
R1(config)#router ospf 1[/b] R1(config-router)#net 10.1.1.1 0.0.0.0 area 1[/b] R1(config-router)#net 10.1.2.1 0.0.0.0 area 1[/b] R1(config-router)#net 192.168.1.1 0.0.0.0 area 1[/b] R1(config-router)#end |
R2(config)#router ospf 1[/b] R2(config-router)#net 192.168.1.2 0.0.0.0 area 1[/b] R2(config-router)#net 192.168.1.5 0.0.0.0 area [/b]0 R2(config-router)#end |
R3(config)#router ospf 1[/b] R3(config-router)#net 192.168.1.6 0.0.0.0 area 0[/b] R3(config-router)#net 192.168.1.9 0.0.0.0 area 2[/b] R3(config-router)#end |
R4(config)#router ospf 1[/b] R4(config-router)#net 192.168.1.10 0.0.0.0 area 2[/b] R4(config-router)#net 172.16.1.1 0.0.0.0 area 2[/b] R4(config-router)#net 172.16.2.1 0.0.0.0 area 2[/b] R4(config-router)#end |
R1#ping 172.16.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/54/108 ms R1#ping 172.16.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 20/61/124 ms |
R1#show ip ospf nei Neighbor ID Pri State Dead Time Address Interface 192.168.1.5 0 FULL/ - 00:00:38 192.168.1.2 Serial0/0 |
R1(config)#int s0/0 R1(config-if)#ip ospf authentication //启用OSPF认证 R1(config-if)#ip ospf authentication-key cisco //配置认证密码 R1(config-if)#end *Mar 1 00:32:38.571: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.1.5 on Serial0/0 from FULL to DOWN, Neighbor Down: Dead timer expired //邻居不能建立,因为R2没有配置认证。 |
R2(config)#int s0/0 R2(config-if)#ip ospf authentication R2(config-if)#ip ospf authentication-key cisco R2(config-if)#end *Mar 1 00:35:18.311: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.2.1 on Serial0/0 from LOADING to FULL, Loading Done //两端认证成功,因此邻居关系建立成功 |
R3(config)#int s0/2 R3(config-if)#ip ospf authentication message-digest R3(config-if)#ip ospf message-digest-key 1 md5 cisco R3(config-if)#end *Mar 1 00:42:29.655: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.2.1 on Serial0/2 from FULL to DOWN, Neighbor Down: Dead timer expired |
R4(config)#int s0/2 R4(config-if)#ip ospf authentication message-digest R4(config-if)#ip ospf message-digest-key 1 md5 cisco R4(config-if)#end *Mar 1 00:43:48.775: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.1.9 on Serial0/2 from LOADING to FULL, Loading Done |
R4#ping 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/48/92 ms |
相关文章推荐
- BSCI―9:配置OSPF认证
- 实验二十八、OSPF 邻居认证配置
- 配置OSPF认证
- 关于ospf区域认证以及虚链路之间的配置问题
- 网络设备之间配置OSPF认证
- 配置OSPF认证详解
- 配置点到点链路OSPF及认证
- BSCI实验之十三:配置点到点链路OSPF及认证 推荐
- OSPF认证方式及配置详解
- 配置OSPF认证详解
- BSCI实验之十三:配置点到点链路OSPF及认证
- 配置单区域OSPF认证
- 华为OSPF多区域、认证配置
- 配置OSPF认证
- RIPv2-EIGRP-BGP-OSPF[链路-区域-虚链路][明文-MD5]各认证配置
- 配置单区域OSPF认证
- CCNP第四天(4) 配置OSPF认证
- 配置OSPF认证
- 点到点多区域OSPF的安全认证和vritual-link(虚链路)的作用及配置.
- NE系列路由器V5版本OSPF邻居认证的配置