Neighbor Authentication

As with other protocols, we can force BGP to authenticate other routers with a password. All passwords are scrambled using an MD5 message digest. On the network in Figure 10-1, we can enable password authentication between office-r1 and office-r2 by adding the password command to our BGP configuration. On office-r1, we add the neighbor ... password command after the neighbor ... remote-as command. You must configure the same password on both routers, or they can’t communicate with BGP. Here’s the configuration for office-r1:

router bgp 3000
  neighbor 192.168.3.2 remote-as 3000
  neighbor 192.168.3.2 password letmein

The same goes for office-r2:

router bgp 3000
  neighbor 192.168.3.1 remote-as 3000
  neighbor 192.168.3.1 password letmein

Get CISCO IOS in a Nutshell now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CISCO IOS in a Nutshell by

Neighbor Authentication

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly