Reference Guide
• show ipv6 ospf neighbor
area authentication
Configure an IPsec authentication policy for OSPFv3 packets in an OFSPFv3 area.
E-Series TeraScale, Z-Series, S4810
Syntax
area area-id authentication ipsec spi number {MD5 | SHA1} [key-
encryption-type] key
Parameters
area
area-id
Area for which OSPFv3 traffic is to be authenticated. For area-id, you
can enter a number.
The range is 0 to 4294967295.
ipsec spi
number
Security Policy index (SPI) value that identifies an IPsec security
policy.
The range is 256 to 4294967295.
MD5 | SHA1
Authentication type: Message Digest 5 (MD5) or Secure Hash
Algorithm 1 (SHA-1).
key-encryption-
type
(OPTIONAL) Specifies if the key is encrypted.
The values are 0 (key is not encrypted) or 7 (key is encrypted).
key
Text string used in authentication.
For MD5 authentication, the key must be 32 hex digits (non-
encrypted) or 64 hex digits (encrypted).
For SHA-1 authentication, the key must be 40 hex digits (non-
encrypted) or 80 hex digits (encrypted).
Defaults Not configured.
Command Modes ROUTER OSPFv3
Command History
Version 9.1.(0.0) Introduced on the S4810 and Z9000.
Version 8.4.2.0 Introduced on the E-Series TeraScale.
Usage
Information
Before you enable IPsec authentication on an OSPFv3 area, you must first enable OSPFv3
globally on
the router. You must configure the same authentication policy (same SPI and key) on each
interface in
an OSPFv3 link.
An SPI number must be unique to one IPsec security policy (authentication or encryption) on
the
router.
If you have enabled IPsec encryption in an OSPFv3 area with the area encryption command,
you
1226