HP VPN Firewall Appliances Network Management Configuration Guide
450
Ste
p
Command
Remarks
6. Configure a DIS name.
isis dis-name
symbolic-name
Optional.
By default, no name is configured.
This command takes effect only on a router
enabled with dynamic system ID to host name
mapping.
This command is not available on P2P interfaces.
Enabling the logging of neighbor state changes
With this feature enabled, the router delivers information about neighbor state changes to the terminal
for display.
To enable the logging of neighbor state changes:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter IS-IS view.
isis [ process-id ] [ vpn-instance
vpn-instance-name ]
N/A
3. Enable the logging of
neighbor state changes.
log-peer-change
By default, the logging of
neighbor state is enabled.
Enhancing IS-IS network security
To enhance the security of an IS-IS network, you can configure IS-IS authentication. IS-IS authentication
involves neighbor relationship authentication, area authentication, and routing domain authentication.
Configuration prerequisites
Before the configuration, complete the following tasks:
• Configure network layer addresses for interfaces to ensure IP connectivity between neighboring
nodes.
• Enable IS-IS.
Configuring neighbor relationship authentication
With neighbor relationship authentication configured, an interface adds the password in the specified
mode into hello packets to the peer and checks the password in the received hello packets. If the
authentication succeeds, it forms the neighbor relationship with the peer.
Follow these guidelines when you configure neighbor relationship authentication:
• The authentication mode and password at both ends must be identical.
• The level-1 and level-2 keywords are configurable on an interface that has IS-IS enabled with the
isis enable command.