Cisco Support Community
New Member

bgp peer authentication


When I configured iBGP peership with "nei password cisco" I am getting output that no MD5 authentication from but when I configured neighborship on with "nei pass 7 030752180500" (030752180500--this encrypted key in running config of), neighborship is established without any issue.

My query is that--if I am able to use this encrypted key to establish neigh then what is the use of this authentication?

Please help.

Hall of Fame Super Bronze

Re: bgp peer authentication

The key you've illustrated was generated by the service password-encryption command.

This command is primarily useful for keeping unauthorized individuals from viewing your password in your configuration file.

The MD5 authentication occurs on the wire during the BGP peering exchange, and the only option to peer with BGP while having the password is MD5; there isn't any simple text authentication.



New Member

Re: bgp peer authentication

Dear Mr. Edison,

All you say is correct, but my basic question is that if any unauthorized router becomes a neighbor with the encrypted password without knowing the real password, then what is the use of that encrypted password, as anyone can become a neighbor by using this encrypted password?

Thanks and regards,


Hall of Fame Super Bronze

Re: bgp peer authentication

I addressed your question.

The encrypted password above is the same as 'cisco' in non-encrypted form.

The neighbors must have the same password in order for the peering to come up.

While one neighbor has 'cisco' and the other one has the encrypted password of 'cisco', they will both send the same password and the MD5 algorithm will produce the same result on the hash.

BTW, with BGP you need to configure the neighbor at both ends. An unauthorized router can't peer with you unless you peer back to them.

The password will help prevent the BGP packet from being sniffed while traversing unprotected hops.
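
The point made in the reply above, as an added example that is not part of the original thread: the `7` form in the configuration is a reversible encoding of the same key, and both peers feed that key into the RFC 2385 TCP MD5 digest, so the two ways of typing it produce identical digests. The function names, addresses, ports and sequence number are constructed for illustration.

```python
import hashlib
import socket
import struct

# Widely published constant table used by IOS "type 7" obfuscation.
XLAT = b"dsfd;kfoA,.iyewrkldJKDHSUBsgvca69834ncxv9873254k;fg87"

def type7_decode(enc: str) -> str:
    """Reverse a type 7 string: 2-digit start offset, then hex bytes XORed with XLAT."""
    offset = int(enc[:2])
    data = bytes.fromhex(enc[2:])
    plain = bytes(b ^ XLAT[(offset + i) % len(XLAT)] for i, b in enumerate(data))
    return plain.decode("ascii")

def tcp_md5_digest(src: str, dst: str, tcp_header: bytes, payload: bytes, key: str) -> bytes:
    """RFC 2385 digest: pseudo-header, fixed TCP header (checksum zeroed), data, key."""
    seg_len = len(tcp_header) + len(payload)  # TCP length, options included
    pseudo = socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, seg_len)
    fixed = tcp_header[:16] + b"\x00\x00" + tcp_header[18:20]  # options excluded
    return hashlib.md5(pseudo + fixed + payload + key.encode("ascii")).digest()

# Constructed sample: SYN from 192.0.2.1:50000 to 192.0.2.2:179 (BGP), no options.
SAMPLE_HDR = struct.pack("!HHIIBBHHH", 50000, 179, 1000, 0, 5 << 4, 0x02, 16384, 0, 0)

def peers_agree(key_a: str, key_b: str) -> bool:
    """True when the sender's digest (key_a) verifies at the receiver (key_b)."""
    sent = tcp_md5_digest("192.0.2.1", "192.0.2.2", SAMPLE_HDR, b"", key_a)
    expected = tcp_md5_digest("192.0.2.1", "192.0.2.2", SAMPLE_HDR, b"", key_b)
    return sent == expected

if __name__ == "__main__":
    key = type7_decode("030752180500")    # the string from the question
    print(key)
    print(peers_agree("cisco", key))      # same key on both ends
    print(peers_agree("cisco", "other"))  # mismatched key, segment is dropped
```

Because the type 7 form carries the key itself, a configuration file containing it needs the same access control as one containing the cleartext password.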



VIP Super Bronze

Re: bgp peer authentication


You cannot establish a neighbor relationship with a peer if you do not know what the password is. Try this with 2 routers:

1-Establish a BGP session between router A and router B.

2-Make sure that BGP neighbors are in established mode by issuing the "sh ip bg nei" command.

3-On router A, add a password to the neighbor and use the above command and watch it go from established to active.

4-Add the same exact password to router B or delete the password on router A and watch it go back from active to established.


