[j-nsp] ISIS Routing Problem

Mark Tinka mtinka at globaltransit.net
Wed Jun 16 21:36:41 EDT 2010


On Thursday 17 June 2010 07:28:10 am Eric Van Tol wrote:

>  Due to IOS's inability to do MD5
>  authentication at level 2,...

This isn't true.

IOS supports MD5 Authentication at both L1 and L2.

We have it running with no dramas:

key chain some-name-l2
 key 1
   key-string password
!
int gi0/1
 isis authentication mode md5
 isis authentication key-chain some-name-l2
!
router isis 1
 authentication mode md5
 authentication key-chain some-name-l2 level-2

Not defining the level on the interface defaults the 
authentication (and its mode) to L2, however, you can 
further define it in case you're also running authentication 
for L1 on the same interface.

This is IOS 12.2(33)SRC or later, although I can't think of 
any reason why it wouldn't be supported in other trains.

Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20100617/b49a6d18/attachment.bin>


More information about the juniper-nsp mailing list