ipv6 ospfv3 authentication ipsec

Syntax

ipv6 ospfv3 authentication ipsec spi <SPI-INDEX> <AUTH-TYPE> <KEY-TYPE> <AUTH-KEY>

no ipv6 ospfv3 authentication

Description

Configures IPSec AH authentication. OSPFv3 interfaces that have IPsec configured at the interface context will not use area level IPsec.

The no form of this command removes IPsec AH authentication for the specified area.

Command context

config-if

Parameters

spi <SPI-INDEX>

Specifies the Security Parameters Index (SPI) to use. The SPI is an identification tag carried in the IPsec AH header. It enables the receiving OSPF process to select and use the Security Association (SA) from the SA table. The SPI must be unique on the switch. Range: 256-4294967295 characters.

<AUTH-TYPE>

Specifies the algorithm to use for authentication: md5 or sha1.

<KEY-TYPE>

Specifies the key type to use: plaintext (not encrypted) or hex-string (encrypted) or ciphertext (encrypted).

<AUTH-KEY>

Specifies the key.

Authority

Administrators

Examples

Setting interface 1/1/1 to use IPsec authentication (AH):

switch# configure terminal
switch(config)# interface 1/1/1
switch(config-if)# ipv6 ospfv3 authentication ipsec spi 256 md5 plaintext abcd

Removing IPsec authentication (AH) on interface 1/1/1:

switch# configure terminal
switch(config)# interface 1/1/1
switch(config-if)# no ipv6 ospfv3 authentication