FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
1,637 views 12 comments
by anonymous
i would like to use the Rut950 as a BGP router, the config itself isn't that difficult but the peer requires MD5 authentication, i don't see an option to set a password in the WUI but i also can't find the correct way to put the config together in the CLI.

does anyone has any solution for this ??

2 Answers

0 votes
by anonymous
Hello,

Regarding to this problem of yours could you provide us some information what device are you going to connect to RUT950 via BGP?
Also can  you share the config that is requested by the peer? We need this information so that we can assist you furthermore.

I have here a short manual regarding BGP configuration with our device i hope it helps a bit : https://we.tl/t-YYgE1GsRiY

Thank you and have a nice day!
Stay Safe

Regards,
Jerome
by anonymous
well, i have to inform with the ISP for the exact model but it is Cisco equipment, and couse of security reasons they only allow authenticated connections, i build the setup couple times before with cisco and it works fine but couse the cisco equipment is to large for the setup we try to use RUT instead, underneeth e similar setup on Cisco

!
!
chat-script lte "" "AT!CALL" TIMEOUT 20 "OK"
!
!
controller Cellular 0
 lte sim data-profile 1 attach-profile 1 slot 0
 lte modem link-recovery disable
!
!
interface Tunnel5
 ip address 172.29.254.253 255.255.255.252
 tunnel source Dialer5
 tunnel destination 172.31.255.20
!
!
interface Cellular0
 description ICCID: XX
 ip address negotiated
 ip mtu 1492
 ip virtual-reassembly in
 encapsulation slip
 dialer in-band
 dialer pool-member 5
 async mode interactive
!
!
interface Vlan1
 description <BGP-VLAN>
 ip address 172.20.4.1 255.255.255.0 secondary
 ip address 172.20.4.254 255.255.255.0
 ip virtual-reassembly in
 ip tcp adjust-mss 1452
 no autostate
!
interface Dialer5
 ip address negotiated
 ip mtu 1492
 ip virtual-reassembly in
 encapsulation slip
 dialer pool 5
 dialer idle-timeout 0
 dialer string lte
 dialer persistent
!
router bgp 65241
 bgp log-neighbor-changes
 neighbor 172.29.254.254 remote-as 26481
 neighbor 172.29.254.254 description 4G GRE tunnel
 neighbor 172.29.254.254 password 7 06620A2FA8080A145E2E01
 !
 address-family ipv4
  network 172.20.4.0 mask 255.255.255.0
  neighbor 172.29.254.254 activate
  neighbor 172.29.254.254 weight 40
  neighbor 172.29.254.254 soft-reconfiguration inbound
  neighbor 172.29.254.254 prefix-list ANNOUNCE out
 exit-address-family
!
!
!
ip route 172.29.254.254 255.255.255.255 Tunnel5
ip route 172.31.255.20 255.255.255.255 Dialer5
!
!
ip prefix-list ANNOUNCE description OUBOUND SUBNET
ip prefix-list ANNOUNCE seq 1 permit 172.20.4.0/24 le 32
ip prefix-list ANNOUNCE seq 1000 deny 0.0.0.0/0 le 32
!
!
dialer-list 5 protocol ip permit
!
!
!
by anonymous

Hello, 

Thank you for your response. Is it possible to try to export the config from cisco router to then import the settings to RUT950? 
Kindly let me know if you are able to export the config and import it to the RUT950 device. I will try to consult this also with our team. 

The configuration of your BGP routing is this:

router bgp 65241
 bgp log-neighbor-changes
 neighbor 172.29.254.254 remote-as 26481
 neighbor 172.29.254.254 description 4G GRE tunnel
 neighbor 172.29.254.254 password 7 06620A2FA8080A145E2E01 -> this one is authentication required of the peer device.

Also it is possible if you can test connecting RUT950 to cisco router without this authentication method? To check if the tunnel will be created. 
Kindly provide me feedback on this. 

Thank you and have a nice day!

Stay Safe

Kind Regards,
Jerome


 

by anonymous
haven't tested that yet but i'll give it a try, i'm not near the RUT now. think it will be tomorrow
by anonymous
the RUT950 doesn't accept the config file, either as .txt of without extention. even if i use the content of the /etc/config/quagga file and name it just quagga the file isn't accepted. any idea what it is sopposed to be ?
by anonymous
Hello,

Could you test disabling the password on the cisco config and see if the RUT950 device can make a BGP tunnel with CISCO without the password authentication? And if it can successfully make a tunnel to the CISCO device. Try enabling the password again and don't touch the config of the RUT950 where the tunnel was created without password. Then i would like you to share me the troubleshoot file of the RUT950 via pm. So that i can share it with my team to check how to resolve your issue.

Sorry for the inconvenience caused.

Thank you and have a nice day!

Stay Safe

Regards,
Jerome
by anonymous

ok, i now have an temporary test with the ISP. they disabled the authentication and the BGP does become active.

also the network advertisement goes well. unforunatly this is temporary. the setup does work but for the project to succeed i still do need to setup the BGP with a password authentication

     Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 28685:3903 (default for vrf 3903)
 *    172.29.250.0/30  172.29.250.1             0             0 64991 ?
 *>   192.168.1.0      172.29.250.1             0             0 64991 i

by anonymous
Hello,

Regarding this matter i will inform our team in accordance with this issue of yours.
Once i have the resolution to your problem i will inform you right away.

Sorry for the inconvenience caused.

Thank you and have a nice day!
Stay Safe

Regards,
Jerome
by anonymous

Hello good day hope your safe and doing well. 
Could you try doing adding example command "neighbor 10.0.0.2 password 123456pass" on the config file of bgp that can be done by connecting to SSH then do the "vi" command.

Command: vi /etc/config/quagga/bgpd.conf 
It will give you this slight similar result like the image shown below: 
 

navigate to the router bgp settings on the network part press "a" button on your keyboard to start editing. 
Then from that you can input neighbor 172.29.254.254 password testing now to save your edited config press "esc" 
then type  ":wq" then input command "/etc/init.d/quagga restart

If you have problem executing this command feel free to ask help we can do a short remote session for this.

Thank you and have a nice day!
Hope it helps,

Stay Safe

Kind Regards,
Jerome

by anonymous

Jerome,

i allready have been busy with manual editing on CLI but did it again conform your post.

vi /etc/config/quagga/bgpd.conf seems to be creating a new file

~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
- /etc/config/quagga/bgpd.conf 1/1 100%

FYI: bgpd.conf seems not to be located in that directory

root@Teltonika-RUT950:~# ls /etc/config/quagga/bgpd.conf
ls: /etc/config/quagga/bgpd.conf: Not a directory
root@Teltonika-RUT950:~# ls /etc/config/quagga/
ls: /etc/config/quagga/: Not a directory
root@Teltonika-RUT950:~# ls /etc/config/quagga
/etc/config/quagga
root@Teltonika-RUT950:~# find / -name bgpd.conf                                                    
/etc/quagga/bgpd.conf
/overlay/upper/etc/quagga/bgpd.conf
/rom/etc/quagga/bgpd.conf

if i add the change to /etc/quagga/bgpd.conf or /overlay/upper/etc/quagga/bgpd.conf the change will dissapear after restarting quagga

/rom/etc/quagga/bgpd.conf doesn't show any BGP info

dont know if it makes any diffrence but i have     FW ver.: RUT9XX_R_00.06.06.1

 

by anonymous
Jerome,

i also tried to make changes with uci

root@Teltonika-RUT950:~# uci show quagga
quagga.ospf=ospf
quagga.ospf.enabled='0'
quagga.ospf.debug='0'
quagga.ospf.enabled_vty='0'
quagga.rip=rip
quagga.rip.enabled='0'
quagga.rip.debug='0'
quagga.rip.enabled_vty='0'
quagga.general=general
quagga.general.debug='0'
quagga.general.enabled='1'
quagga.general.enabled_vty='1'
quagga.default=instance
quagga.default.as='64991'
quagga.default.id='172.29.250.1'
quagga.default.enabled='1'
quagga.default.network='192.168.1.0/24'
quagga.default.redistribute='connected'
quagga.default.deterministic_med='1'
quagga.nhrp=nhrp_global
quagga.nhrp.enabled='0'
quagga.nhrp.debug='0'
quagga.@peer[0]=peer
quagga.@peer[0].instance='default'
quagga.@peer[0].as='28685'
quagga.@peer[0].ipaddr='172.29.250.2'
quagga.@peer[0].enabled='1'
quagga.@peer[0].default_originate='1'
root@Teltonika-RUT950:~#
root@Teltonika-RUT950:~# uci set quagga.@peer[0].password="123456Pass"
root@Teltonika-RUT950:~#  uci show  quagga.@peer[0].password=
quagga.cfg063511.password='123456Pass'
root@Teltonika-RUT950:~# vi /etc/quagga/bgpd.conf            # doesn't show changes
root@Teltonika-RUT950:~# vi /overlay/upper/etc/quagga/bgpd.conf        # doesn't show changes
root@Teltonika-RUT950:~# /etc/init.d/quagga restart
quagga.init: Stopping watchquagga ... killed 3179 ... done.
quagga.init: Stopping bgpd ... killed 3175 ... done.
quagga.init: Stopping zebra ... killed 3171 ... done.
quagga.init: Starting zebra ... done.
quagga.init: Starting bgpd ... done.
quagga.init: Starting watchquagga ... done.
root@Teltonika-RUT950:~# vi /etc/quagga/bgpd.conf            # doesn't show changes
root@Teltonika-RUT950:~# vi /overlay/upper/etc/quagga/bgpd.conf        # doesn't show changes
root@Teltonika-RUT950:~#  uci show  quagga.@peer[0].password
quagga.cfg063511.password='123456Pass'
root@Teltonika-RUT950:~#
by anonymous
Hello,

Could we do a short remote session for this issue of yours? :)

Kindly communicate with me via pm.

Thank you and have a nice day!
Stay Safe.

Kind Regards,
Jerome
by anonymous
Hello,

Regarding this query of yours it is still pending on our RnD Team once i have the information about solving your problem.
I will be sharing it to you directly.

Thank you for your patience and understanding.
Have a nice day!

Stay Safe.

Regards,
Jerome
0 votes
by anonymous
Hi,

Unfortunately, ours router do not have such option. This requires additional development, for this, contact with your sales manager from Teltonika