authentication password-list

---

Enables a password list to be used for IS-IS authentication on interfaces for this router.

Syntax: [no] authentication password-list listname {hmac-md5 | cleartext} [level-1 | level-2 | level-1-2]

hmac-md5	Sets the type of authentication to HMAC-MD5 for this password list.
cleartext	Sets the type of authentication to cleartext for this password list.
level-1	Specifies that the password-list applies to level 1.
level-2	Specifies that the password-list applies to level 2.
level-1-2	SPecifies that the password-list applies to both level 1 and level 2. Default: level-1-2

Description: IPriori supports authentication of control PDUs (LSPs, PSNPs and CSNPs) and ISIS hello PDUs for either HMAC-MD5 or clear-text. Multiple passwords can be configured on an IS-IS interface by configuring a password-list. A maximum of 252 passwords can be configured.

For interfaces, password-list is used for authentication. The valid password with the least password-id is used for outgoing hello PDUs and all the valid passwords are used for authenticating incoming PDUs.

Use the authentication password-list command to enable IS-IS password list authentication for interfaces on this router.

Use the no authentication password-list command to delete a configured password-list.

Factory Default: No authentication configured.

Command Mode: IS-IS router configuration.

Example: In the following example:

1. Configuration mode for password-list list1 is entered.
   
   
2. Configuration mode for password-id is entered for password-IDs 1 and 2
   
   
3. In each password-ID mode a password is assigned and a lifetime of now and infinity is configured.
   
   
4. The password-list list1 is enabled using the authentication password-list command.
   
   
5. The show isis password-list command displays the configuration.
   
   

router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. router(config)#router isis 100 router(config-router)#password-list list1 router(config-router-password-list)#password-id 1 router(config-router-password-record)#password pass1 router(config-router-password-record)#lifetime now infinity router(config-router-password-record)#exit router(config-router-password-list)#password-id 2 router(config-router-password-record)#password pass2 router(config-router-password-record)#lifetime now infinity router(config-router-password-record)#exit router(config-router-password-list)#exit router(config-router)#authentication password-list list1 hmac-md5 level-1 router(config-router)#end router#show isis password-list list1 password-list list1 password-id 1 password pass1 start-time 14:33:16 december 2 2004 end-time infinity password-id 2 password pass2 start-time 14:33:38 december 2 2004 end-time infinity

Related Commands: lifetime
password
password-id
password-list

Copyright © 2005 Avici Systems Inc.
Avici® and TSR® is a registered trademark of Avici Systems Inc.
IPriori™, Composite Links™, SSR™, QSR, and NSR® are trademarks of Avici Systems Inc.

   Source File Name: ISIS.fm
    HTML File Name: ISIS2.html
    Last Updated: 02/25/05 at 14:55:50

Please email suggestions and comments to: doc@avici.com