Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[M/MX/T] Supported authentication and encryption algorithms used under [edit security] for OSPF authentication using IPSEC transport mode

0

0

Article ID: KB29664 KB Last Updated: 20 Nov 2014Version: 1.0
Summary:

This article spells out the supported authentication and encryption algorithms used under [edit security] for OSPF authentication using IPSEC transport mode.

Symptoms:

List and describe the algorithms supported for IPSEC-protected OSPF sessions.

Cause:

Solution:

For OSPFv2, the in-built authentication options are simple-password and md5.

Apart from this, IPSEC transport mode can also be sued for authentication.

For OSPFv3, there is no in-built option; it relies on IPSEC to provide authentication.

For more information on OSPF authentication and configuration, see the following Tech Doc: Configuring OSPF Authentication.

When using the IPSEC Transport Mode (ESP) protocol under [edit security], it is mandatory to provide the authentication and encryption algorithms to be used.

Note that not all algorithms are supported under [edit security] for IPSEC transport mode.

The supported and unsupported algorithms listed below:

Authentication Algorithm:

  • hmac-md5-96             - Supported

  • hmac-sha-256-128    - Not Supported

  • hmac-sha1-96            - Supported

Encryption Algorithm:

  • 3des-cbc           - Supported
  • aes-128-cbc     - Not Supported

  • aes-192-cbc     - Not Supported

  • aes-256-cbc     - Not Supported

  • des-cbc             - Supported

You can use any combination of supported algorithms for IPSEC authentication and to bring up the OSPF session.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search