By default, OSPF neighbors will form an adjacency with anyone speaking the protocol on the same segment. In a production network that is a security risk - anyone with link access can inject routing updates. OSPF authentication adds a shared secret that both ends must know. This lab configures MD5 cryptographic authentication on the P2P link between R2 and R4 in the OSPF Reference Lab.
What you will learn
- The three OSPF authentication types: null (default), simple password, cryptographic (MD5/SHA)
- Per-interface authentication configuration on Cisco IOS XE
- How to verify auth state with
show ip ospf interface - The neighbor-state impact of mismatched keys
What this lab does NOT cover
- OSPFv3 (IPv6) authentication, which uses different syntax (IPSec AH)
- SHA key-chains in depth - we use the simpler MD5 form here
Topology
Download the OSPF Reference Lab .yaml
The PingLabz OSPF Reference Lab - 4 iol-xe routers across Area 0 (broadcast LAN) and Area 30 (P2P).
