ZyXEL Communications 1000 Manual De Usuario
Chapter 16 Routing Protocols
ZyWALL USG 1000 User’s Guide
375
Authentication Types
Authentication is used to guarantee the integrity, but not the confidentiality, of
routing updates. The transmitting router uses its key to encrypt the original
message into a smaller message, and the smaller message is transmitted with the
original message. The receiving router uses its key to encrypt the received
message and then verifies that it matches the smaller message sent with it. If the
received message is verified, then the receiving router accepts the updated
routing information. The transmitting and receiving routers must have the same
key.
routing updates. The transmitting router uses its key to encrypt the original
message into a smaller message, and the smaller message is transmitted with the
original message. The receiving router uses its key to encrypt the received
message and then verifies that it matches the smaller message sent with it. If the
received message is verified, then the receiving router accepts the updated
routing information. The transmitting and receiving routers must have the same
key.
The ZyWALL supports three types of authentication for RIP and OSPF routing
protocols:
protocols:
• None - no authentication is used.
• Text – authentication using a plain text password, and the (unencrypted)
• Text – authentication using a plain text password, and the (unencrypted)
password is sent over the network. This method is usually used temporarily to
prevent network problems.
• MD5 – authentication using an MD5 password and authentication ID.
MD5 is an authentication method that produces a 128-bit checksum, called a
message-digest, for each packet. It also includes an authentication ID, which can
be set to any value between 1 and 255. The ZyWALL only accepts packets if these
conditions are satisfied.
message-digest, for each packet. It also includes an authentication ID, which can
be set to any value between 1 and 255. The ZyWALL only accepts packets if these
conditions are satisfied.
• The packet’s authentication ID is the same as the authentication ID of the
interface that received it.
• The packet’s message-digest is the same as the one the ZyWALL calculates
using the MD5 password.
For RIP, authentication is not available in RIP version 1. In RIP version 2, you can
only select one authentication type for all interfaces. For OSPF, the ZyWALL
supports a default authentication type by area. If you want to use this default in
an interface or virtual link, you set the associated Authentication Type field to
Same as Area. As a result, you only have to update the authentication
information for the area to update the authentication type used by these
interfaces and virtual links. Alternatively, you can override the default in any
interface or virtual link by selecting a specific authentication method. Please see
the respective interface sections for more information.
only select one authentication type for all interfaces. For OSPF, the ZyWALL
supports a default authentication type by area. If you want to use this default in
an interface or virtual link, you set the associated Authentication Type field to
Same as Area. As a result, you only have to update the authentication
information for the area to update the authentication type used by these
interfaces and virtual links. Alternatively, you can override the default in any
interface or virtual link by selecting a specific authentication method. Please see
the respective interface sections for more information.