evi neighbor-discovery authentication

Use evi neighbor-discovery authentication to enable ENDP authentication.

Use undo evi neighbor-discovery authentication to disable ENDP authentication.

Syntax

evi neighbor-discovery authentication { cipher | simple } password

undo evi neighbor-discovery authentication

Default

ENDP authentication is disabled.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

cipher: Specifies an authentication key in encrypted form.

simple: Specifies an authentication key in plaintext form.

password: Specifies the authentication key. Its plaintext form is a case-sensitive string of 1 to 24 characters in length. Its encrypted form is a case-sensitive string of 1 to 65 characters.

Usage guidelines

Configure ENDP authentication in an insecure network to prevent malicious registration with an ENDS.

Make sure all authentication-enabled ENDCs and ENDSs in an EVI network use the same authentication key.

If authentication is disabled on an ENDS, all ENDCs, including authentication-enabled ENDCs, can register with the ENDS without authentication.

If authentication is enabled on an ENDS, only authentication-enabled ENDCs that use the same authentication key as the ENDS can register with the ENDS.

For security purposes, all authentication keys, including keys set in plaintext form, are stored in encrypted form.

Examples

# Enable ENDP authentication on the EVI tunnel interface Tunnel 0 and specify web-evi as the authentication key.

<Sysname> system
[Sysname] interface tunnel 0 mode evi
[Sysname-Tunnel0] evi neighbor-discovery authentication simple web-evi

Related commands

display evi neighbor-discovery client summary

display evi neighbor-discovery server summary