OS10 Enterprise Edition User Guide Release 10.4.1.0

PDF

Configure password

You can enable message digest 5 (MD5) authentication with a password on the TCP connection between two BGP neighbors.

Configure the same password on both BGP peers. When you configure MD5 authentication between two BGP peers, each segment of the TCP connection between them is verified and the MD5 digest is checked on every segment sent on the TCP connection. Configuring a password for a neighbor establishes a new connection.

Configure password

  • Configure the password in both the BGP peers using the password {9 encrypted password–string| password-string} in ROUTER-NEIGHBOR CONFIGURATION or ROUTER-TEMPLATE CONFIGURATION mode. . The password provided in ROUTER-NEIGHBOR mode gets more preference than the password in ROUTER-TEMPLATE mode. You can enter the password either as plain text or in encrypted format.
  • View the password configuration using the show configuration command.

Example configuration in Peer 1

ROUTER-NEIGHBOR mode
OS10# configure terminal
                                 OS10(config)# interface ethernet 1/1/5
                                 OS10(conf-if-eth1/1/5)# no switchport 
                                 OS10(conf-if-eth1/1/5)# ip address 11.1.1.1/24
                                 OS10(conf-if-eth1/1/5)# router bgp 10
                                 OS10(config-router-bgp-10)# neighbor 11.1.1.2
                                 OS10(config-router-neighbor)# no shutdown
                                 OS10(config-router-neighbor)# remote-as 10
                                 OS10(config-router-neighbor)# password abcdell 
                              
ROUTER-TEMPLATE mode
OS10# configure terminal
                                 OS10(config)# interface ethernet 1/1/5
                                 OS10(conf-if-eth1/1/5)# no switchport 
                                 OS10(conf-if-eth1/1/5)# ip address 11.1.1.1/24
                                 OS10(conf-if-eth1/1/5)# router bgp 10
                                 OS10(config-router-bgp-10)# template pass
                                 OS10(config-router-template)# password 9 f785498c228f365898c0efdc2f476b4b27c47d972c3cd8cd9b91f518c14ee42d
                                 OS10(config-router-template)# exit
                                 OS10(config-router-bgp-10)# neighbor 11.1.1.2
                                 OS10(config-router-neighbor)# inherit template pass
                              
View password configuration in peer 1
OS10(config-router-neighbor)# show configuration
                                 !
                                 neighbor 11.1.1.2
                                 password 9 0fbe1ad397712f74f4df903b4ff4b7b6e22cc377180432d7523a70d403d41565
                                 remote-as 10
                                 no shutdown
                              
OS10(config-router-neighbor)# do show running-configuration bgp
                                 !
                                 router bgp 10
                                 !
                                 template pass
                                 password 9 f785498c228f365898c0efdc2f476b4b27c47d972c3cd8cd9b91f518c14ee42d
                                 !
                                 neighbor 11.1.1.2
                                 inherit template pass
                                 password 9 01320afb39f49134882b0a9814fe6e8e228f616f60a35958844775314c00f0e5
                                 remote-as 10
                                 no shutdown
                              

Example configuration in Peer 2

ROUTER-NEIGHBOR mode
OS10# configure terminal
                                 OS10(config)# interface ethernet 1/1/5
                                 OS10(conf-if-eth1/1/5)# no switchport 
                                 ip OS10(conf-if-eth1/1/5)# ip address 11.1.1.2/24
                                 OS10(conf-if-eth1/1/5)# router bgp 20
                                 OS10(config-router-bgp-20)# neighbor 11.1.1.1
                                 OS10(config-router-neighbor)# no shutdown
                                 OS10(config-router-neighbor)# remote-as 20
                                 OS10(config-router-neighbor)# password abcdell 
                              
ROUTER-TEMPLATE mode
OS10# configure terminal
                                 OS10(config)# interface ethernet 1/1/5
                                 OS10(conf-if-eth1/1/5)# no switchport 
                                 OS10(conf-if-eth1/1/5)# ip address 11.1.1.2/24
                                 OS10(conf-if-eth1/1/5)# router bgp 20
                                 OS10(config-router-bgp-20)# template pass
                                 OS10(config-router-template)# password 9 f785498c228f365898c0efdc2f476b4b27c47d972c3cd8cd9b91f518c14ee42d
                                 OS10(config-router-template)# exit
                                 OS10(config-router-bgp-20)# neighbor 11.1.1.1
                                 OS10(config-router-neighbor)# inherit template pass
                              
View password configuration in peer 2
OS10(config-router-neighbor)# show configuration
                                 !
                                 neighbor 11.1.1.1
                                 password 9 0fbe1ad397712f74f4df903b4ff4b7b6e22cc377180432d7523a70d403d41565
                                 remote-as 20
                                 no shutdown
                              
OS10(config-router-neighbor)# do show running-configuration bgp
                                 !
                                 router bgp 20
                                 neighbor 11.1.1.2
                                 password 9 f785498c228f365898c0efdc2f476b4b27c47d972c3cd8cd9b91f518c14ee42d
                                 remote-as 20
                                 no shutdown
                              

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\