nerdexam
Cisco

350-401 · Question #603

Refer to the exhibit. An engineer attempts to establish BGP peering between router CORP and two ISP routers. What is the root cause for the failure between CORP and ISP#2?

The correct answer is B. There is a password mismatch between router CORP and router ISP#2.. BGP peering failure between two routers is commonly caused by a password mismatch when authentication is enabled.

Submitted by the_admin· Mar 6, 2026Infrastructure

Question

Refer to the exhibit. An engineer attempts to establish BGP peering between router CORP and two ISP routers. What is the root cause for the failure between CORP and ISP#2?

Exhibits

350-401 question #603 exhibit 1
350-401 question #603 exhibit 2

Options

  • ARouter ISP#2 is configured to use SHA-1 authentication.
  • BThere is a password mismatch between router CORP and router ISP#2.
  • CRouter CORP is configured with an extended access control list.
  • DMD5 authorization is configured incorrectly on router ISP#2.

How the community answered

(24 responses)
  • A
    13% (3)
  • B
    63% (15)
  • C
    21% (5)
  • D
    4% (1)

Why each option

BGP peering failure between two routers is commonly caused by a password mismatch when authentication is enabled.

ARouter ISP#2 is configured to use SHA-1 authentication.

While an SHA-1 configuration on ISP#2 could cause a mismatch if CORP is using a different method like MD5, a general 'password mismatch' is a more direct and common cause of authentication failure.

BThere is a password mismatch between router CORP and router ISP#2.Correct

BGP peering relies on matching authentication credentials between neighbors, and a password mismatch between router CORP and ISP#2 will prevent the BGP session from successfully establishing due to failed authentication.

CRouter CORP is configured with an extended access control list.

An extended access control list on router CORP, unless it specifically blocks BGP traffic (TCP port 179) between the peers, is not typically the root cause of a BGP authentication failure.

DMD5 authorization is configured incorrectly on router ISP#2.

Incorrect MD5 authorization on router ISP#2 would lead to a password mismatch, so 'password mismatch' is a more precise description of the resulting issue rather than just incorrect configuration.

Concept tested: BGP peering troubleshooting (authentication)

Source: https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13769-bgp-md5.html

Topics

#BGP peering#BGP authentication#MD5 authentication#Troubleshooting BGP

Community Discussion

No community discussion yet for this question.

Full 350-401 Practice