ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-501 All Questions

View all questions & answers for the 350-501 exam
Go to Exam

Exam 350-501 topic 1 question 47 discussion

Actual exam question from Cisco's 350-501
Question #: 47
Topic #: 1
[All 350-501 Questions]


Refer to the exhibit. Which condition must be met by the OSPF peer of router R1 before the two devices can establish communication?

  • A. The OSPF peer must use clear-text authentication.
  • B. The OSPF peer must be configured as an OSPF stub router.
  • C. The interface on the OSPF peer may have a different key ID, but it must use the same key value as the configured interface.
  • D. The interface on the OSPF peer must use the same key ID and key value as the configured interface.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
Reference:
https://networklessons.com/ospf/how-to-configure-ospf-md5-authentication
by thejag at Feb. 27, 2023, 10:43 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ric859
5 months, 2 weeks ago
Selected Answer: D
Both the key ID and password must match so the correct answer is D.
upvoted 1 times
...
Mephystopheles
2 years, 1 month ago
I used GNS3. From R2, we enable only auth message-digest. No keys, no md5 password. If R2 has: Only R2(config-if)#ip ospf authentication message-digest R1#debug ip ospf adj *Apr 2 16:28:26.855: OSPF-1 ADJ Gi1/0: Rcv pkt from 192.168.2.15 : Mismatched Authentication Key - No message digest key 0 on interface R1# -------1st test: From R2, If we match only the "md5" password but, use a different "key 2": R2(config-if)#ip ospf message-digest-key 2 md5 cisco R1#debug ip ospf adj *Apr 2 16:30:38.723: OSPF-1 ADJ Gi1/0: Rcv pkt from 192.168.2.15 : Mismatched Authentication Key - No message digest key 2 on interface *Apr 2 16:30:39.691: OSPF-1 ADJ Gi1/0: Send with youngest Key 1 R1# ----2nd test: From R2, If we match only the "key 1" but, stil use a different md5 password: R2(config-if)#ip ospf message-digest-key 1 md5 cisco1 R1#debug ip ospf adj *Apr 2 16:35:14.011: OSPF-1 ADJ Gi1/0: Rcv pkt from 192.168.2.15 : Mismatched Authentication Key - Message Digest Key 1 R1# *Apr 2 16:35:15.191: OSPF-1 ADJ Gi1/0: Send with youngest Key 1
upvoted 2 times
Mephystopheles
2 years, 1 month ago
-----3rd test: From R2, once we match the same "Key 1" and md5 password, the adj comes up. R2(config-if)#ip ospf message-digest-key 1 md5 cisco R1#debug ip ospf adj *Apr 2 16:37:04.843: OSPF-1 ADJ Gi1/0: Rcv LS UPD from 192.168.2.15 length 64 LSA count 1 *Apr 2 16:37:04.847: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.2.15 on GigabitEthernet1/0 from LOADING to FULL, Loading Done ----Then, option D should be correct.
upvoted 2 times
...
...
jospinales
2 years, 1 month ago
In MD5 authentication The packet carries the hash value, along with a key ID. The key ID allows the routers to reference multiple passwords. This makes password migration easier and more secure. Here is and example taked from Cisco debug where there is a key mismatch: #debug ip ospf adj 00:59:43: OSPF: Send with youngest Key 1 00:59:53: OSPF: Send with youngest Key 2 !--- Informs that this router is also configured !--- for Key 2 and both routers now use Key 2 Source: https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13697-25.html
upvoted 1 times
...
thejag
2 years, 2 months ago
This is a tricky one ;-)
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago