ISIS/3/ISIS_AUTHENTICATION_FAILURE

Message

ISIS/3/ISIS_AUTHENTICATION_FAILURE: The authentication password of received PDU is different from local configuration. (isisSysInstance=[isisSysInstance], isisSysLevelIndex=[isisSysLevelIndex], isisCircIndex=[isisCircIndex], isisCircIfIndex=[isisCircIfIndex], isisPduFragment=[isisPduFragment], ifIndex=[ifIndex], IfName=[IfName])

Description

The authentication password contained in the received PDU is inconsistent with the locally configured one.

Parameters

Parameter Name	Parameter Meaning
isisSysInstance	ID of an IS-IS process
isisSysLevelIndex	IS-IS level
isisCircIndex	Circuit index of an interface
isisCircIfIndex	IfIndex of an interface
isisPduFragment	64-byte PDU header
ifIndex	IfIndex of an interface
IfName	Interface name

Possible Causes

Authentication was configured on an interface or a process of the local end.

The authentication type configured on the peer end was the same as that configured on the local end, but the authentication passwords configured on the two ends were different.

Procedure

1. Obtain the IS-IS process number and packet type (1 indicates a Level-1 packet; 2 indicates a Level-2 packet; 3 indicates a P2P Hello packet) contained in the PDU based on the command output. Then, find the isisPduFragment field and obtain the system ID of the source device that sends the packet and packet type.

If the packet type is Hello, go to Step 2.
If the packet type is LSP or SNP, go to Step 4.

2. Determine the IS-IS interface of the source device based on the system ID. Run the display this command in the interface view of the source device to check whether the configured interface authentication password is the same as that of the local device.

If the interface authentication passwords on the two ends are the same, go to Step 6.
If the interface authentication passwords on the two ends are different, go to Step 3.

3. Run the isis authentication-mode command in the interface view of the source device to configure the authentication password to be the same as that on the local device. Then, check whether the fault is rectified.

If the fault is rectified, go to Step 7.
If the fault persists, go to Step 6.

4. Run the display current-configuration configuration isis command on the source device to check whether the area authentication password or domain authentication password configured in the IS-IS process is the same as that on the local device.

If the area authentication passwords or domain authentication passwords on the two ends are the same, go to Step 6.
If the area authentication passwords or domain authentication passwords on the two ends are different, go to Step 5.

5. Run the area-authentication-mode command (Level-1 packet) or the domain-authentication-mode command (Level-2 packet) in the IS-IS view of the source device to configure the authentication password to be the same as that of the local device. Then, check whether the fault is rectified.

If the fault is rectified, go to Step 7.
If the fault persists, go to Step 6.

6. Collect log information and configuration information, and then contact technical support personnel.

7. End.