authentication ipsec spi

Syntax

authentication ipsec spi <SPI-INDEX> <AUTH-TYPE> <KEY-TYPE> <AUTH-KEY>

no authentication

Description

Configures IPsec AH authentication for Vlink.

The no form of this command removes IPSec AH authentication for the specified area.

Command context

config-router-vlink

Parameters

spi <SPI-INDEX>

Specifies the Security Parameters Index (SPI) to use. The SPI is an identification tag carried in the IPsec AH header. It enables the receiving OSPF process to select and use the Security Association (SA) from the SA table. The SPI must be unique on the switch. Range: 256 to 4294967295 characters.

<AUTH-TYPE>

Specifies the algorithm to use for authentication: md5 or sha1.

<KEY-TYPE>

Specifies the key type to use: plaintext (unencrypted), hex-string (encrypted) or ciphertext (encrypted).

<AUTH-KEY>

Specifies the key.

Authority

Administrators or local user group members with execution rights for this command.

Examples

Setting area 1 to use IPsec authentication (AH) for Vlink:

switch(config)# router ospfv3 1
switch(config-ospfv3-1)# area 1
switch(config-ospfv3-1)# area 1 virtual-link 3.3.3.3
switch (config-router-vlink6)# authentication ipsec spi 256 sha1 plaintext abcd

Removing IPSec authentication (AH) for Vlink on area 1:

switch(config)# router ospfv3 1
switch(config-ospfv3-1)# area 1 virtual-link 3.3.3.3
switch(config-router-vlink6)# no authentication