Configuring A Remote Bgp Peer With Md5 Authentication - Nokia IP40 User Manual

10
High Availability
Use the following commands to configure the routing policies for the created BGP Peer:
set bgp neighbor <value ip_address>

Configuring a Remote BGP Peer with MD5 Authentication

You can invoke MD5 authentication with a remote BGP peer such that each segment sent on the
TCP connection between the peers is verified. This feature must be configured with the same
password on both BGP peers or the connection between them is not established. The
authentication feature uses the MD5 algorithm. Invocation of this feature enables Nokia IP40 to
generate and check the MD5 digest of every segment sent on the TCP connection. If
authentication is invoked and a segment fails authentication, a message appears on the console.
Note
MD5 authentication with remote BGP peer is implemented external to the BGP routing
process on Nokia IP40. This authentication mechanism has stronger coupling with VPN
modules. Therefore, this feature is not supported for clear text BGP updates.
Use the following commands to configure BGP remote peers:
add bgp remote-peer <value ip_address>
132
dont-capability negotiate <on | off>
ebgp-multihop <on | off>
keepalive <value> holdtime <value>
maximum-prefix <value <value> [warning-only <on | off>|] off>
next-hop-self <on | off>
no-shutdown
passive <on | off >
peer-group < value <value> | off >
port < value <value> | off>
prefix-list <value> direction <in |out | both> state <on | off>
route-map <value> direction <in |out | both> state <on | off>
route-reflector-client <on | off>
update-source <value> state <on | off>
weight <value <value>| off>
shutdown
distribute-list <value> direction <in |out | both> state <on |
off>
vpn-peer <value ip_address>
priority <normal | high>
[gateway <value>
password <value>]
Nokia IP40 Security Platform User's Guide v1.1