Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 1 reply
  • Subscribers 28 subscribers
  • Views 8060 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

BGP features - neighbor authentication

Rik Bruins

Hi,

I'm evaluating the XG firewall as an UTM replacement. Overall I’m impressed and happy, but it still lacks some fundamental (maybe even basic?) features that UTM does have and XG does not. Another possibility is of course that I’m not looking at the right place.

1 of these features we use on UTM is BGP with MD5 authentication for neighbors. In UTM this is not an issue, however there does not seem to be an option in the UI of XG. Is this on the roadmap? And if it is, when will this be available? For us, it’s 1 of the blocking issues to use the XG firewall right now.

The same applies for route filters on BGP sessions. Will that be possible some day?

Thanks,
Rik



This thread was automatically locked due to age.
Parents
  • +1

    Hi Rik,

    Such advance options are not available to configure from UI of the XG firewall as of now but you can try looking into the console of XG firewall for options like MD5 authentication between BGP neighbors and route filters.

    Please try your settings at the path below:

    1) Take telnet/SSH access of the XG firewall

    2) After logging into the console, go to option 3:

    Main Menu

    1. Network Configuration
    2. System Configuration
    3. Route Configuration
    4. Device Console
    5. Device Management
    6. VPN Management
    7. Shutdown/Reboot Device
    0. Exit

    Select Menu Number [0-7]: 3

    3) Go to option 1:

    Router Management

    1. Configure Unicast Routing
    2. Configure Multicast Routing
    0. Exit

    Select Menu Number [0-2]: 1

    4) 2) Go to option 3:


    Unicast Routing Configuration

    1. Configure RIP
    2. Configure OSPF
    3. Configure BGP
    0. Exit

    You can try well known BGP configuration commands here, similar to Cisco devices. Please find the below configuration details taken from my local testings:

    bgp# sh running-config

    Current configuration:
    !
    hostname bgp
    log stdout
    !
    router bgp 100
    bgp router-id 172.16.16.15
    neighbor 172.16.16.16 remote-as 100
    neighbor 172.16.16.16 password AUTH
    !
    route-map TEST permit 10
    !
    line vty
    no login
    !
    end
    bgp#

    Please revert if any further query.

    Jatin Lathiya

    Senior Technical Course Developer

     

     

     

Reply
  • +1

    Hi Rik,

    Such advance options are not available to configure from UI of the XG firewall as of now but you can try looking into the console of XG firewall for options like MD5 authentication between BGP neighbors and route filters.

    Please try your settings at the path below:

    1) Take telnet/SSH access of the XG firewall

    2) After logging into the console, go to option 3:

    Main Menu

    1. Network Configuration
    2. System Configuration
    3. Route Configuration
    4. Device Console
    5. Device Management
    6. VPN Management
    7. Shutdown/Reboot Device
    0. Exit

    Select Menu Number [0-7]: 3

    3) Go to option 1:

    Router Management

    1. Configure Unicast Routing
    2. Configure Multicast Routing
    0. Exit

    Select Menu Number [0-2]: 1

    4) 2) Go to option 3:


    Unicast Routing Configuration

    1. Configure RIP
    2. Configure OSPF
    3. Configure BGP
    0. Exit

    You can try well known BGP configuration commands here, similar to Cisco devices. Please find the below configuration details taken from my local testings:

    bgp# sh running-config

    Current configuration:
    !
    hostname bgp
    log stdout
    !
    router bgp 100
    bgp router-id 172.16.16.15
    neighbor 172.16.16.16 remote-as 100
    neighbor 172.16.16.16 password AUTH
    !
    route-map TEST permit 10
    !
    line vty
    no login
    !
    end
    bgp#

    Please revert if any further query.

    Jatin Lathiya

    Senior Technical Course Developer

     

     

     

Children
No Data