Establishing MD5 authentication for TCP connections

BGP requires TCP as the transport protocol. To enhance security, you can configure BGP to perform MD5 authentication when establishing a TCP connection. The two parties must have the same password configured to establish TCP connections. BGP MD5 authentication is not for BGP packets, but for TCP connections. If the authentication fails, no TCP connection can be established.

To do...

Use the command...


Enter system view


Enter BGP view

bgp as-number  

Enable MD5 authentication when establishing a TCP connection to the peer/peer group

peer [[group-name] | [ip-address]] password [[cipher] | [simple]] password

Optional. Not enabled by default.