With MD5 authentication in place on all PE-to-PE OSPF links, this video completes the authentication picture by securing the PE-to-core links using simple password authentication — demonstrating that OSPF can run multiple authentication types simultaneously across different interfaces within the same area.

Simple password authentication is configured with the same syntax structure as MD5 but using the simple-password keyword rather than md5. The key difference is that simple password authentication sends the key in plain text on the wire — a packet capture would reveal it. However JunOS still hashes the password in the configuration itself, so someone browsing the running config won’t see the key in clear text even when simple password is used. It’s a common point of confusion and worth understanding clearly.

We configure simple password authentication on each PE’s core-facing interface in turn — PE1, PE2, PE3 and PE4 — then switch to the core logical system and configure the matching authentication on all four core-facing interfaces simultaneously. Once committed, all four PE-to-core OSPF adjacencies recover with matching simple password authentication in place.

An important design point covered in this video is that OSPF authentication is link-by-link, not area-wide. A single OSPF area can have some interfaces using MD5, others using simple password, and others with no authentication at all — as long as each individual link has matching authentication configuration on both ends. The PE-to-PE links use MD5, the core-facing links use simple password, and OSPF area 0 runs happily across all of them simultaneously.

The video concludes with full connectivity verification — pinging loopback addresses across the topology to confirm everything is still working correctly with the complete authentication configuration in place. All adjacencies are Full and all loopbacks are reachable.