Courseiva
BGPCCNA 200-301

BGP AS Number Misconfigured — Neighbor Rejects Session

Presenting Symptom

BGP session between two routers remains in Idle state and never transitions to Established.

Network Context

Two Cisco routers (R1 and R2) are directly connected via GigabitEthernet0/0 in a small enterprise network. R1 is configured with BGP AS 65001, while R2 is configured with BGP AS 65002. The network engineer is attempting to establish an eBGP session between them. Both routers run IOS 15.x. The problem is observed after a recent configuration change on R2.

Diagnostic Steps

1

Check BGP neighbor status

show ip bgp summary
BGP router identifier 192.168.1.1, local AS number 65001
BGP table version is 1, main routing table version 1
Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.1.2     4          65002       0       0        1    0    0 never    Idle

The neighbor is in Idle state, indicating the BGP session is not established. The local AS number shown is 65001, which is correct for R1. The remote AS number shown is 65002, which is what R1 expects R2 to be. If the session never leaves Idle, there is a configuration mismatch or connectivity issue.

2

Verify BGP configuration on the local router

show running-config | section router bgp
router bgp 65001
 bgp log-neighbor-changes
 neighbor 192.168.1.2 remote-as 65002
 neighbor 192.168.1.2 update-source GigabitEthernet0/0

This shows the local BGP configuration. The local AS is 65001, and the neighbor is configured with remote-as 65002. If the remote-as is incorrect, the session will fail. Also check that the update-source is set to the correct interface.

3

Check BGP configuration on the remote router

show running-config | section router bgp (on R2)
router bgp 65002
 bgp log-neighbor-changes
 neighbor 192.168.1.1 remote-as 65001

This shows the BGP configuration on R2. The local AS is 65002, and the neighbor is configured with remote-as 65001. If the remote-as on R2 does not match the local AS of R1 (65001), the session will fail. In this scenario, the remote-as on R2 might be misconfigured.

4

Check for BGP session errors using debug

debug ip bgp updates (or debug ip bgp events)
BGP: 192.168.1.2 passive open failed: wrong AS number (expected 65001, received 65003)

The debug output reveals that the remote router is sending an incorrect AS number. The expected AS is 65001 (R1's AS), but the received AS is 65003, indicating that R2 is configured with a different AS number than expected.

Root Cause

The BGP neighbor session fails because R2 is configured with the wrong BGP AS number. R2's router bgp command uses AS 65003 instead of the correct AS 65002. When R1 attempts to establish an eBGP session with R2, it expects R2 to be in AS 65002, but R2 advertises itself as AS 65003, causing the session to be rejected and remain in Idle state.

Resolution

On R2, correct the BGP AS number to 65002: 1. Enter global configuration mode: configure terminal 2. Remove the existing BGP configuration: no router bgp 65003 3. Configure BGP with the correct AS: router bgp 65002 4. Re-add the neighbor statement: neighbor 192.168.1.1 remote-as 65001 5. Optionally, reapply other BGP settings (e.g., network statements). 6. Exit configuration mode: end 7. Save the configuration: write memory

Verification

Run 'show ip bgp summary' on R1: BGP router identifier 192.168.1.1, local AS number 65001 BGP table version is 1, main routing table version 1 Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 192.168.1.2 4 65002 10 12 1 0 0 00:00:45 0 The neighbor state should change from Idle to Established (or at least Active/Connect). The Up/Down time should increase, and the State/PfxRcd column should show a number (e.g., 0 or more) instead of Idle. Also, 'show ip bgp neighbors 192.168.1.2' should show 'BGP state = Established'.

Prevention

1. Use a consistent AS number planning document for all BGP routers in the network. 2. Implement BGP peer authentication to prevent accidental misconfigurations. 3. Use BGP session templates or configuration management tools to ensure consistent BGP configurations across devices.

CCNA Exam Relevance

On the CCNA 200-301 exam, this scenario appears in troubleshooting questions where a BGP session fails to establish. The exam may present a multiple-choice question asking for the root cause (e.g., 'AS number mismatch') or a drag-and-drop to place the correct configuration commands. The key fact a CCNA candidate must know is that eBGP requires the remote AS number to match the neighbor's configured AS; otherwise, the session remains in Idle state.

Exam Tips

1.

Memorize that 'show ip bgp summary' is the first command to check BGP neighbor state.

2.

Remember that an Idle state often indicates a configuration error, such as wrong AS number or missing neighbor statement.

3.

Know that 'debug ip bgp updates' can reveal the specific error, but use it carefully in production.

Commands Used in This Scenario

debug ip bgp updates

Use this command to monitor BGP update messages in real-time for troubleshooting route advertisement and withdrawal issues.

show ip bgp summary

Displays a summary of the BGP neighbor status and prefix counts, used to quickly verify BGP peering and routing table health.

Test Your CCNA Knowledge

Practice with scenario-based questions to prepare for the CCNA 200-301 exam.

Practice CCNA Questions