Enable message digest5 (MD5) authentication on a TCP connection between two BGP peers Rationale: Enforcing routing authentication reduces the likelihood of routing poisoning and unauthorized routers from joining BGP routing. Impact: Organizations should plan and implement enterprise security policies that require rigorous authentication methods for routing protocols. Using the 'neighbor password' for BGP enforces these policies by restricting the type of authentication between network devices.
Configure BGP neighbor authentication where feasible. hostname(config)#router bgp <<em>bgp_as-number</em>> hostname(config-router)#neighbor <<em>bgp_neighbor-ip</em> | <em>peer-group-name</em>> password <<em>password</em>> Default Value: Not set