[j-nsp] ISIS authentication issue

Mark Tinka mark.tinka at seacom.mu
Thu Jun 13 03:03:15 EDT 2013


On Wednesday, June 12, 2013 08:26:31 PM John Neiberger wrote:
> The plan is eventually to add LSP authentication on the
> Cisco side, but that would entail touching every Cisco
> router in the area, which is kind of a pain at the
> moment. We were hoping to find a way to get this
> adjacency to the MX960 up before we tweak the rest of
> the area. I think we'll try your first suggestion to see
> if it at least gets us through for now and then we can
> tweak it all again once we've added LSP authentication
> to all the Cisco routers in the area.

My known working configuration for IOS XR, IOS, IOS XE 
and Junos:

	IOS XR:

router isis 1
 lsp-password hmac-md5 encrypted <somehing_encrypted> level 2
 !
 interface GigabitEthernet0/0/0/0
  hello-password hmac-md5 encrypted <something_encrypted>

	IOS and IOS XE:

router isis 1
 authentication mode md5
 authentication key-chain some-name level-2
!
interface GigabitEthernet0/0
 isis authentication mode md5 level-2
 isis authentication key-chain some-name level-2

	Junos:

isis-group {
        protocols {
            isis {
                level 1 disable;
                level 2 {
#                   authentication-key <removed>;
                    authentication-type md5;
                    
Hope this helps.

Cheers,

Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20130613/987b6be3/attachment.sig>


More information about the juniper-nsp mailing list