Hi,
I am working on the v5 workbook section "OSPF authentication with multiple keys". That does not work as well as in the workbook for me.
It sounds like most of the time, R5 would only send out the latest key configured and not both keys. So I have half of the peer working ok, and the other ones reporting that the key they are receiving from R5 does not match (1 instead or 2 or vice-versa).
If I configure key 1 in second in R5 config it will be the working key, if I configured key 2 first it will be the working key.
Here is an output with the config of R5 and the debug ip ospf adj show only one key is sent out.
I am running CSRs ver 15.4(2)s, I tried rebooting several time but not luck. I have been able to see only once in the debug output both keys being sent but I can't reproduce it now.
interface Tunnel0
ip address 155.1.0.5 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication NHRPPASS
ip nhrp map multicast dynamic
ip nhrp network-id 1
ip tcp adjust-mss 1360
ip ospf authentication message-digest
ip ospf message-digest-key 2 md5 KEYTWO
ip ospf message-digest-key 1 md5 KEYONE
ip ospf network point-to-multipoint non-broadcast
delay 1000
tunnel source GigabitEthernet1.100
tunnel mode gre multipoint
tunnel key 150
tunnel protection ipsec profile DMVPN_PROFILE
end
R5#
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1
OSPF-1 ADJ Tu0: Send with youngest Key 1