Cisco Cisco IOS Software Release 12.4(2)T
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
MSDP MD5 Password Authentication
How to Configure MSDP MD5 Password Authentication
3
Cisco IOS Release 12.4(2)T
DETAILED STEPS
Troubleshooting Tips
If a router has a password configured for an MSDP peer, but the MSDP peer does not, a message such
as the following will appear on the console while the routers attempt to establish a MSDP session
between them:
as the following will appear on the console while the routers attempt to establish a MSDP session
between them:
%TCP-6-BADAUTH: No MD5 digest from [peer's IP address]:11003 to [local router's
IP address]:179
Command or Action
Purpose
Step 1
enable
Example:
Router> enable
Enables privileged EXEC mode.
•
Enter your password if prompted.
Step 2
configure
terminal
Example:
Router# configure terminal
Enters global configuration mode.
Step 3
ip msdp peer
{peer-name | peer-address}
[connect-source interface-type
interface-number] [remote-as as-number]
Example:
Router(config)# ip msdp peer 10.32.43.144
Enables MSDP and configures an MSDP peer as specified
by the DNS name or IP address.
by the DNS name or IP address.
Step 4
ip msdp
[vrf name] password peer {peer-name |
peer-address} [encryption-type] string
Example:
Router(config)# ip msdp password peer
10.32.43.144 0 test
Enables MD5 password encryption for a TCP connection
between two MSDP peers.
between two MSDP peers.
•
MD5 authentication must be configured with the same
password on both MSDP peers; otherwise, the
connection between them will not be made.
password on both MSDP peers; otherwise, the
connection between them will not be made.
•
If you configure or change the password or key used for
MD5 authentication between two MSDP peers, the
local router will not tear down the existing session after
you configure the password. The local router will
attempt to maintain the peering session using the new
password until the keepalive period expires. If the
password is not entered or changed on the remote router
before the keepalive period expires, the session will
time out and the MSDP session will reset.
MD5 authentication between two MSDP peers, the
local router will not tear down the existing session after
you configure the password. The local router will
attempt to maintain the peering session using the new
password until the keepalive period expires. If the
password is not entered or changed on the remote router
before the keepalive period expires, the session will
time out and the MSDP session will reset.
Step 5
end
Example:
Router(config)# end
Exits global configuration mode and enters privileged
EXEC mode.
EXEC mode.
Step 6
show ip msdp peer
Example:
Router# show ip msdp peer
(Optional) Displays detailed information about MSDP
peers.
peers.
•
Use this command to verify whether MD5 password
authentication is enabled on an MSDP peer.
authentication is enabled on an MSDP peer.