Manualshelf

HP VPN Firewall Appliances Network Management Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
471472473474475476477478479480
451
If you configure an authentication mode and a password without specifying a level, the
authentication mode and password apply to both Level-1 and Level-2.
If neither ip nor osi is specified, the OSI related fields in LSPs are checked.
To configure neighbor relationship authentication:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter interface view.
interface interface-type interface-number N/A
3. Specify the
authentication mode
and password.
isis authentication-mode { md5 | simple }
[ cipher ] password [ level-1 | level-2 ] [ ip |
osi ]
By default, no authentication
is configured.
Configuring area authentication
Area authentication enables a router not to install routing information from untrusted routers into the
Level-1 LSDB. The router encapsulates the authentication password in the specified mode into Level-1
packets (LSP, CSNP, and PSNP) and check the password in received Level-1 packets.
Routers in a common area must have the same authentication mode and password.
To configure area authentication:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter IS-IS view.
isis [ process-id ] [ vpn-instance
vpn-instance-name ]
N/A
3. Specify the area
authentication mode and
password.
area-authentication-mode { md5 |
simple } [ cipher ] password [ ip | osi ]
By default, no area authentication
is configured.
Configuring routing domain authentication
Routing domain authentication prevents untrusted routing information from entering into a routing
domain. A router with the authentication configured encapsulates the password in the specified mode
into Level-2 packets (LSP, CSNP, and PSNP) and check the password in received Level-2 packets.
All the routers in the backbone must have the same authentication mode and password.
To configure routing domain authentication:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter IS-IS view.
isis [ process-id ] [ vpn-instance
vpn-instance-name ]
N/A
3. Specify the routing domain
authentication mode and
password.
domain-authentication-mode
{ md5 | simple } [ cipher ]
password [ ip | osi ]
By default, no routing domain
authentication is configured by
default.