Reference Guide
MD5 | SHA1
Authentication type: Message Digest 5 (MD5) or Secure Hash
Algorithm 1 (SHA-1).
key-encryption-
type
(OPTIONAL) Specifies if the key is encrypted.
Valid values: 0 (key is not encrypted) or 7 (key is encrypted).
key
Text string used in authentication.
For MD5 authentication, the key must be 32 hex digits (non-
encrypted) or 64 hex digits (encrypted).
For SHA-1 authentication, the key must be 40 hex digits (non-
encrypted) or 80 hex digits (encrypted).
Defaults Not configured.
Command Modes INTERFACE
Command History
Version 9.1.(0.0) Introduced on S4810 and Z9000.
Version 8.4.2.0 Introduced on the E-Series.
Usage
Information
Before you enable IPsec authentication on an OSPFv3 interface, you must first enable IPv6
unicast routing globally, configure an IPv6 address and enable OSPFv3 on the interface, and
assign the interface to an area.
An SPI value must be unique to one IPsec security policy (authentication or encryption) on the
router. You must configure the same authentication policy (same SPI and key) on each OSPFv3
interface in a link.
To remove an IPsec authentication policy from an interface, enter the no ipv6 ospf
authentication spi
number
command. To remove null authentication on an interface to allow
the interface to inherit the authentication policy configured for the OSPFv3 area, enter the no
ipv6 ospf authentication null command.
Related
Commands
area
authentication
Configure an IPsec authentication policy for an OSPFv3 area.
show crypto
ipsec policy
Display the configuration of IPsec authentication policies.
show crypto
ipsec sa ipv6
Display the security associations set up for OSPFv3 interfaces in
authentication policies.
ipv6 ospf cost
Explicitly specify the cost of sending a packet on an interface.
C-Series, E-Series, Z-Series, S4810
Syntax
ipv6 ospf interface-cost
1234