13.4.6 TCP MD5 certification

The Switch complies with RFC 2385 (Protection of BGP Sessions via the TCP MD5 Signature Option). TCP MD5 authentication guarantees that a TCP segment received over a BGP4 connection originated from a trusted source (peer). TCP MD5 authentication can be specified on a per-peer basis. To apply TCP MD5 authentication to a BGP4 connection with a remote peer, specify the authentication key in the neighbor password configuration command. The same authentication key must be used by both devices in a peering relationship. If the authentication keys do not match, a BGP4 connection cannot be established between the peers.