Home Routing BGP Cisco BGP Configuration [Cisco] BGP md5 authentication configuration


Well, in these days, not many people want to setup BGP MD5 for security concerns. Back in 2005, after some guy reported a threat on BGP sessions with ISP. There were rush to setup MD5.

Actually, the MD5 authentication is not on the BGP session. The authentication is on the TCP session. It provides a method by which each of the TCP peers is able to verify with a higher degree of certainty that packets apparently received from the TCP peer actually originated from the TCP peer. This keeps packets which are spoofed into the session from being used as valid packets in the session, so providing another layer of security to the eBGP session.

Below configuration is sample of MD 5 on Cisco router


neighbor xx.xx.xx.xx remote-as
neighbor xx.xx.xx.xx Full-routes
neighbor xx.xx.xx.xx prefix-list < for Inbound route filter> in
neighbor xx.xx.xx.xx password <actual password>
neighbor xx.xx.xx.xx maximum-prefix 1000



And save configuration file.

 
Smart Link
Search
Statistics
Content View Hits : 2199670
Polls
Highly recommended firewall vendor?
 
Google Translation
English Arabic Chinese (Simplified) Czech Dutch French German Italian Korean Portuguese Russian Spanish Filipino Vietnamese Thai Turkish
BGP routing issue?
Banner
World Route Servers
Banner
Who's Online
We have 31 guests online