Hi group,
Two questions regarding ISIS authentication: 1. If the question ask to authenticate 5 ISIS PDU types (LAN Hello, point-to-point Hello, LSP, CSNP, PSNP), should I configure authentication under interface mode or routing process mode? The documentation states "The interface-related PDUs (LAN Hello, Point-to-Point Hello, CSNP, and PSNP) can be enabled with authentication on different interfaces, with different levels and different passwords." -->this means enabling authentication on interface will not authenticate LSP messages. So I reckon to authentication all 5 PDU types, I must configure under routing process mode like: router isis authentication mode md5 authentication key-chain ISIS 2. When using old-style to configure ISIS domain password, should I add the keyword authenticate snp so that CSNP & PSPN are authenticated? I'm not really understand this statement from the documentation: "This password is inserted in Level 2 PDU link-state PDUs (LSPs), complete sequence number PDUs (CSNPs), and partial sequence number PDUs (PSNPs). If you specify the authenticate snp keyword along with either the validate or send-only keyword, the IS-IS routing protocol will insert the password into sequence number PDUs (SNPs)" Thanks Rin
