cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
186
Views
0
Helpful
3
Replies
Beginner

BGP Password

Hi everyone,

I'm configuring eBGP and attempted to establish neighbours with the use of a password (password 7).   I have service password-encryption enabled on the router.  I used a random combination of letters and numbers (26 characters) and I got the error - Invalid Encrypted Password.  I believe it's denying it because I'm trying to use an encrypted password when it's trying to see a plain text password in order for the router to encrypt, correct?

My question is, what is the best approach when configuring the BGP password 7? What type of password or phrase would be accepted and what are the limitations? Also, when exchanging the password on the other end (bgp speaker), would the other router type in when configuring the neighbour? Which password is exchanged, the post encrypted password or the passphrase?

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Mentor

Re: BGP Password

Hello,

 

you cannot enter a level 7 password in cleartext, level 7 expects an encrypted string. To give you an example, in order to enter ´ciscorouter´ as an encrypted string, you first have to find out what the encrypted string looks like, once you know that, you can enter that string:

 

Try the following in order to see how it works:

 

Type ´enable password 0 ciscorouter´ and then enable ´service password-encryption´. Write down the encrypted string you see in your configuration.

 

enable password 7 110A1016141D1903113E2E36

 

Then use that string for the BGP neighbor:

 

neighbor x.x.x.x password 7 110A1016141D1903113E2E36

3 REPLIES 3
Enthusiast

Re: BGP Password


usually ISP give u password phrase to type in. if they tell you password, you type in plain password, without 7, but if they give u text to past in with "7" in there, like password 7 151F0A1E102325272120362D10041F06 , copy and paste password 7 string. note : you need service password-encryption to be on. this service tells router how to store password in nvram; encrypted or not. With on, u cannot clearly read password in show run; 


I believe password length is 25 characters or less. Router will give u an error if u type too long password. (may depends on ios and model versions)

I think Routers exchange MD5 hash of your password 

 

Regards, ML
**Please Rate All Helpful Responses **

VIP Mentor

Re: BGP Password

Hello,

 

you cannot enter a level 7 password in cleartext, level 7 expects an encrypted string. To give you an example, in order to enter ´ciscorouter´ as an encrypted string, you first have to find out what the encrypted string looks like, once you know that, you can enter that string:

 

Try the following in order to see how it works:

 

Type ´enable password 0 ciscorouter´ and then enable ´service password-encryption´. Write down the encrypted string you see in your configuration.

 

enable password 7 110A1016141D1903113E2E36

 

Then use that string for the BGP neighbor:

 

neighbor x.x.x.x password 7 110A1016141D1903113E2E36

Beginner

Re: BGP Password

Thanks, this is exactly what I did and worked flawless.

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards