[j-nsp] ISIS authentication issue
Mark Tinka
mark.tinka at seacom.mu
Thu Jun 13 03:03:15 EDT 2013
On Wednesday, June 12, 2013 08:26:31 PM John Neiberger wrote:
> The plan is eventually to add LSP authentication on the
> Cisco side, but that would entail touching every Cisco
> router in the area, which is kind of a pain at the
> moment. We were hoping to find a way to get this
> adjacency to the MX960 up before we tweak the rest of
> the area. I think we'll try your first suggestion to see
> if it at least gets us through for now and then we can
> tweak it all again once we've added LSP authentication
> to all the Cisco routers in the area.
My known working configuration for IOS XR, IOS, IOS XE
and Junos:
IOS XR:
router isis 1
lsp-password hmac-md5 encrypted <somehing_encrypted> level 2
!
interface GigabitEthernet0/0/0/0
hello-password hmac-md5 encrypted <something_encrypted>
IOS and IOS XE:
router isis 1
authentication mode md5
authentication key-chain some-name level-2
!
interface GigabitEthernet0/0
isis authentication mode md5 level-2
isis authentication key-chain some-name level-2
Junos:
isis-group {
protocols {
isis {
level 1 disable;
level 2 {
# authentication-key <removed>;
authentication-type md5;
Hope this helps.
Cheers,
Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20130613/987b6be3/attachment.sig>
More information about the juniper-nsp
mailing list