how to authenticate bgp peer between cisco asr and juniper ACX 2200 ? Need juniper ACX2200 configuration commands? urgent needed
-
Did any answer help you? if so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you could provide and accept your own answer. – Ron Maupin Aug 12 '17 at 03:42
2 Answers
I've run into issues with this, unfortunately Ron's solution probably won't work in terms of interoperability with an ASR (sorry to be the guy who links to his own question).
See: BGP authentication-key-chain vs. authentication-key
You cannot use the "authentication-key-chain" option here, you'll need to use "authentication-key".
protocols {
bgp {
group PEERS {
neighbor 1.2.3.4 {
authentication-key YOURPASSWORDHERE; ## SECRET-DATA
}
}
}
}
Set Syntax:
set protocols bgp group Peers neighbor 1.2.3.4 authentication-key YOURPASSWORDHERE
It issues with using "authentication-key-chain" have to do with how the options are conveyed to the neighbor via the TCP header.

- 7,034
- 1
- 23
- 40
Example: Configuring [Juniper] BGP Route Authentication
CLI Quick Configuration
To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.
set protocols bgp group ext type external
set protocols bgp group ext peer-as 65530
set protocols bgp group ext neighbor 172.16.2.1
set routing-options autonomous-system 65533
set protocols bgp group ext authentication-key-chain bgp-auth
set protocols bgp group ext authentication-algorithm md5
set security authentication-key-chains key-chain bgp-auth tolerance 30
set security authentication-key-chains key-chain bgp-auth key 0 secret this-is-the-secret-password
set security authentication-key-chains key-chain bgp-auth key 0 start-time 2011-6-23.20:19:33-0700
set security authentication-key-chains key-chain bgp-auth key 1 secret this-is-another-secret-password
set security authentication-key-chains key-chain bgp-auth key 1 start-time 2012-6-23.20:19:33-0700

- 4,379
- 1
- 12
- 28