Question 1hardmultiple choice
Full question →hardmultiple choiceObjective-mapped
Exhibit
R1# interface GigabitEthernet0/0 ip address 10.10.12.1 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 C1sc0 ! router ospf 1 network 10.10.12.0 0.0.0.255 area 0 R2# interface GigabitEthernet0/0 ip address 10.10.12.2 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 C1scO ! router ospf 1 network 10.10.12.0 0.0.0.255 area 0
Based on the exhibit, why is R1 not forming an OSPF adjacency with R2 on the shared Ethernet segment?
Answer choices
Why each option matters
Good practice is not just finding the correct option. The wrong answers often show the exact trap the exam wants you to fall into.
A
Best answer
The OSPF authentication key does not match on the two routers.
This is correct because an authentication mismatch prevents OSPF adjacency on the shared segment.
B
Distractor review
The routers must use different OSPF areas to become neighbors.
This is wrong because neighbors on the same segment must agree on the area.
C
Distractor review
OSPF message-digest authentication can be used only on serial links.
This is wrong because OSPF authentication can be used on Ethernet as well.
D
Distractor review
The routers must remove IP addressing before OSPF can form.
This is wrong because the link needs valid IP addressing for OSPF adjacency.
Common exam trap
Common exam trap: answer the scenario, not the keyword
A frequent exam trap is selecting an answer that incorrectly states OSPF authentication is limited to serial links or that routers must be in different areas to form adjacency. Candidates may also mistakenly believe that removing IP addressing is necessary for OSPF to form. These misconceptions overlook that OSPF authentication applies to Ethernet interfaces and that neighbors must be in the same area and subnet with matching authentication keys. Misreading these details leads to choosing incorrect options that seem plausible but contradict OSPF adjacency rules.
Technical deep dive
How to think about this question
OSPF (Open Shortest Path First) is a link-state routing protocol that requires routers to form neighbor adjacencies before exchanging routing information. On a shared Ethernet segment, routers send Hello packets to discover neighbors and establish adjacency. These Hello packets must match on several parameters including area ID, subnet, and authentication settings. Authentication secures OSPF messages by requiring routers to use the same authentication method and key, ensuring only trusted routers participate in routing. When OSPF authentication is enabled, routers include an authentication key in their Hello packets. If the keys do not match, the routers will not recognize each other as valid neighbors and will not progress beyond the Init state to form a full adjacency. This prevents routing information from being exchanged, which can cause connectivity issues. Cisco routers support multiple authentication types on Ethernet interfaces, including simple password and message digest (MD5), and these must be consistently configured. A common exam trap is assuming that authentication is only relevant on serial links or that mismatched keys cause an IP addressing conflict. In reality, authentication mismatches silently block adjacency formation without generating explicit error messages. Practically, network engineers must verify that all OSPF parameters, especially authentication keys, match exactly on all routers in the same area and subnet to ensure successful adjacency and stable routing.
KKey Concepts to Remember
- OSPF routers must use matching authentication keys on a shared segment to successfully form neighbor adjacencies.
- OSPF adjacency formation requires routers to be in the same area and share identical network parameters including authentication settings.
- OSPF authentication can be configured on any interface type, including Ethernet, to secure routing updates between neighbors.
- A mismatch in OSPF authentication keys prevents the exchange of OSPF Hello packets, stopping adjacency formation.
- OSPF neighbors must have compatible IP addressing on the shared segment to recognize each other and establish adjacency.
- OSPF authentication parameters include the authentication type and the key, both of which must match exactly on all routers.
- OSPF adjacency failures due to authentication mismatches are a common troubleshooting scenario in Cisco network environments.
- Correct OSPF configuration on shared Ethernet segments includes consistent area, IP subnet, and authentication settings.
TExam Day Tips
- Watch for words such as best, first, most likely and least administrative effort.
- Review why wrong options are wrong, not only why the correct option is correct.
Related practice questions
Related 200-301 practice-question pages
Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.
CCNA subnetting practice questions
Practise IPv4 subnetting, CIDR, masks, host ranges and subnet selection.
CCNA OSPF practice questions
Practise OSPF neighbours, router IDs, metrics, areas and routing-table interpretation.
CCNA VLAN practice questions
Practise VLANs, access ports, trunks, allowed VLANs and switching scenarios.
CCNA STP practice questions
Practise spanning tree, root bridge election, port roles and STP troubleshooting.
CCNA EtherChannel practice questions
Practise LACP, PAgP, port-channel behaviour and bundle requirements.
CCNA ACL practice questions
Practise standard and extended ACLs, permit/deny logic and traffic filtering.
CCNA NAT practice questions
Practise static NAT, dynamic NAT, PAT and inside/outside address translation.
CCNA DHCP practice questions
Practise DHCP scopes, relay, leases and troubleshooting.
CCNA show ip route practice questions
Practise routing-table output, longest-prefix match, AD and route selection.
CCNA show interfaces trunk practice questions
Practise trunk verification and VLAN forwarding across switches.
CCNA wireless security practice questions
Practise WLAN security, authentication and wireless architecture concepts.
CCNA IPv6 practice questions
Practise IPv6 addressing, routes, neighbour discovery and common IPv6 exam traps.
More questions from this exam
Keep practising from the same exam bank, or move into a focused topic page if this question exposed a weak area.
Question 1
A router learns the same prefix from both OSPF and EIGRP. Which route is installed by default?
Question 2
A router shows this output: R1#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 10.1.1.2 1 FULL/DR 00:00:34 192.168.12.2 GigabitEthernet0/0 10.1.1.3 1 2WAY/DROTHER 00:00:39 192.168.12.3 GigabitEthernet0/0 Which statement is correct?
Question 3
What is the OSPF metric called?
Question 4
A non-root switch has two uplinks toward the root bridge. One path has a lower total STP cost than the other. What role will the lower-cost uplink have?
Question 5
A router interface applies this ACL inbound: 10 deny tcp any any eq 80 20 permit ip any any A user reports that web browsing to a server by IP address fails, but ping works. Which statement best explains the behavior?
Question 6
A router learns route 198.51.100.0/24 from OSPF with AD 110 and also has a static route to the same prefix configured with AD 150. Which route is installed?
FAQ
Questions learners often ask
What does this 200-301 question test?
OSPF routers must use matching authentication keys on a shared segment to successfully form neighbor adjacencies.
What is the correct answer to this question?
The correct answer is: The OSPF authentication key does not match on the two routers. — The most likely reason is an OSPF authentication mismatch. In practical terms, both routers are on the same IP subnet and in the same area, but they are not using the same authentication key on the shared link. OSPF neighbors must agree on key authentication parameters before they will trust each other enough to form an adjacency. This is a classic CCNA troubleshooting pattern because the configuration looks almost correct until you compare the security settings carefully.
What should I do if I get this 200-301 question wrong?
Then try more questions from the same exam bank and focus on understanding why the wrong options are tempting.
Discussion
Loading comments…
Sign in to join the discussion.