How to Configure OSPF Plain Text Authentication

OSPF authentication can be configured on OSPF routers to prevent rogue routers from injecting false routing information and causing a Denial-of-Service attack.

There are two types of OSPF authentication: Plain Text authentication and MD5 authentication. Plain text authentication uses clear text passwords, while MD5 authentication provides a more secure method. In this post, we will demonstrate how to configure OSPF Plain Text Authentication.

Network Topology

The network topology we will be making use of in this post is shown below. As you can see, it consists of two routers. In this post, we will configure OSPF on the two routers and configure OSPF authentication on the two routers.

network topology for ospf timer

How to Configure OSPF Plain Text Authentication

Here are steps to configure OSPF Plain Text Authentication using the network topology shown above.

Step 1: Configure OSPF on the routers

Configure OSPF on R1 and R2 and then advertise the connected network.

Router 1

R1(config)#interface ethernet0/0
R1(config-if)#ip address 192.168.12.1 255.255.255.0
R1(config-if)#no shutdown 
R1(config-if)#exit

R1(config)#router ospf 1
R1(config-router)#router-id 1.1.1.1
R1(config-router)#network 192.168.12.0 0.0.0.255 area 0
R1(config-router)#exit

 Router 2

R2(config)#interface ethernet0/0
R2(config-if)#ip address 192.168.12.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit

R2(config)#router ospf 1
R2(config-router)#router
R2(config-router)#router-id 2.2.2.2
R2(config-router)#network 192.168.12.0 0.0.0.255 area 0
R2(config-router)#exit

Step 2: Check if both routers formed neighborship in OSPF

By default, there is no OSPF authentication, so the two OSPF routers will form a neighborship.

R1#show ip ospf neighbor 

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           1   FULL/BDR        00:00:37    192.168.12.2    Ethernet0/0 

Router 2

R2#show ip ospf neighbor 

Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1           1   FULL/DR         00:00:31    192.168.12.1    Ethernet0/0

Step 3: Configure OSPF authentication

Router 2

Change the authentication in R2 from none to plain-text and put a password of 123456.

R2(config)#interface ethernet0/0
R2(config-if)#ip ospf authentication
R2(config-if)#ip ospf authentication-key 123456
R2(config-if)#exit

Did R1 and R2 lose neighborship?

R2#show ip ospf neighbor
----> Empty <---- 
R1#show ip ospf neighbor 
----> Empty <----

 

 Router 1

Change the authentication in R1 from none to plain-text and put a password of 123456

R1(config)#interface ethernet0/0
R1(config-if)#ip ospf authentication
R1(config-if)#ip ospf authentication-key 123456
R1(config-if)#exit

Step 4: Verify that the OSFP neighbor is formed again

Router 1

R1#show ip ospf neighbor 

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           1   FULL/DR         00:00:34    192.168.12.2    Ethernet0/0 

 

Router 2

R2#show ip ospf neighbor 

Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1           1   FULL/BDR        00:00:32    192.168.12.1    Ethernet0/0

Related Content;

  1. How to Configure OSPF Default Route on a Cisco Router
  2. How to Configure OSPF DR and BDR
  3. How to Configure OSPF Passive Interface on Cisco Router
  4. How to Configure OSPF Backbone Area | How to Configure OSPF Area 0
  5. How to Configure OSPF Multi-Area
  6. How To Configure OSPF on Layer 3 Switch In Packet Tracer
  7. Redistributing Static Routes into OSPF: Explained With Example

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top