Hello All,
I have an Aruba CX 6300F L3 switch that I am trying to get OSPF MD5 authentication working with a rotating keychain on HP 5406R. I got it working with a regular "non-rotating key" but for some reason it doesn't like the keychain commands.
Any thoughts are greatly appreciated. Please let me know if you need me to provide more info.
---6300F Commands----
interface vlan 223
description "Routed-link-to-5406R"
ip address 192.168.235.155/24
ip ospf 1 area 0.0.0.0
ip ospf authentication message-digest
ip ospf keychain "keyRotate"
keychain keyRotate
key 2
key-string plaintext 2001keyrotate
accept-lifetime start-time 08:00:00 07/15/2022 end-time 08:00:00 01/15/2023
send-lifetime start-time 08:00:00 08/01/2022 end-time 08:00:00 01/01/2023
key 3
key-string plaintext 3001keyrotate
accept-lifetime start-time 08:00:00 12/15/2022 end-time 08:00:00 08/15/2023
send-lifetime start-time 08:00:00 01/01/2023 end-time 08:00:00 08/01/2023
5406 Commands
vlan 2235
name "Routed-link-to-6300F"
untagged C2
ip address 192.168.235.101 255.255.255.0
ip ospf 192.168.235.101 area backbone
ip ospf 192.168.235.101 md5-auth-key-chain "keyRotate"
exit
key-chain "keyRotate"
key-chain "keyRotate" key 2 key-string "2001keyrotate"
key-chain "keyRotate" key 2 accept-lifetime 07/15/2022 08:00:00 01/15/2023 08:00:00
key-chain "keyRotate" key 2 send-lifetime 08/01/2022 08:00:00 01/01/2023 08:00:00
key-chain "keyRotate" key 3 key-string "3001keyrotate"
key-chain "keyRotate" key 3 accept-lifetime 12/15/2022 08:00:00 08/15/2023 08:00:00
key-chain "keyRotate" key 3 send-lifetime 01/01/2023 08:00:00 08/01/2023 08:00:00
I keep receiving this error message on the 5406R
E 10/14/22 10:38:25 03132 OSPF: AM1: RECV: Discarding packet on interface vl2235
: Invalid authentication key or sequence number mismatch (5 times in
60 seconds)