Configuring NTP Authentication - Cisco Catalyst 3750 Software Configuration Manual

Chapter 5
Administering the Switch

Configuring NTP Authentication

This procedure must be coordinated with the administrator of the NTP server; the information you configure
in this procedure must be matched by the servers used by the switch to synchronize its time to the NTP server.
Beginning in privileged EXEC mode, follow these steps to authenticate the associations (communications
between devices running NTP that provide for accurate timekeeping) with other devices for security
purposes:
Step    Command / Purpose

Step 1  configure terminal
        Enter global configuration mode.

Step 2  ntp authenticate
        Enable the NTP authentication feature, which is disabled by default.

Step 3  ntp authentication-key number md5 value
        Define the authentication keys. By default, none are defined.
        - For number, specify a key number. The range is 1 to 4294967295.
        - md5 specifies that message authentication support is provided
          by using the message digest algorithm 5 (MD5).
        - For value, enter an arbitrary string of up to eight characters for
          the key.
        The switch does not synchronize to a device unless both have one
        of these authentication keys, and the key number is specified by the
        ntp trusted-key key-number command.

Step 4  ntp trusted-key key-number
        Specify one or more key numbers (defined in Step 3) that a peer
        NTP device must provide in its NTP packets for this switch to
        synchronize to it.
        By default, no trusted keys are defined.
        For key-number, specify the key defined in Step 3.
        This command provides protection against accidentally
        synchronizing the switch to a device that is not trusted.

Step 5  end
        Return to privileged EXEC mode.

Step 6  show running-config
        Verify your entries.

Step 7  copy running-config startup-config
        (Optional) Save your entries in the configuration file.

To disable NTP authentication, use the no ntp authenticate global configuration command. To remove
an authentication key, use the no ntp authentication-key number global configuration command. To
disable authentication of the identity of a device, use the no ntp trusted-key key-number global
configuration command.
This example shows how to configure the switch to synchronize only to devices providing authentication
key 42 in the device's NTP packets:
Switch(config)# ntp authenticate
Switch(config)# ntp authentication-key 42 md5 aNiceKey
Switch(config)# ntp trusted-key 42

78-15870-01
Catalyst 3750 Metro Switch Software Configuration Guide
Managing the System Time and Date
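
The "Verify your entries" step can be scripted. The following is an added example, not part of the Cisco guide: it reads the NTP lines of a saved show running-config and reports where Steps 2 through 4 do not line up. The sample configuration is constructed, and the `key` keyword on `ntp server` / `ntp peer` lines is an IOS option that this page does not show.

```python
# Added example: audit NTP authentication lines from `show running-config`.
# SAMPLE_CONFIG is constructed; keys 7 and 99 and the server lines are assumptions.
SAMPLE_CONFIG = """\
ntp authentication-key 42 md5 aNiceKey
ntp authentication-key 7 md5 oldKey
ntp authenticate
ntp trusted-key 42
ntp trusted-key 99
ntp server 192.0.2.10 key 42
ntp server 192.0.2.11
"""


def audit_ntp_auth(config: str) -> list[str]:
    """Return a list of findings; an empty list means the checks passed."""
    authenticate = False
    defined, trusted, associations = set(), set(), []
    for raw in config.splitlines():
        tok = raw.split()
        if len(tok) < 2 or tok[0] != "ntp":
            continue
        if tok[1] == "authenticate":
            authenticate = True
        elif tok[1] == "authentication-key" and len(tok) >= 5 and tok[3] == "md5":
            defined.add(int(tok[2]))      # Step 3: key number
        elif tok[1] == "trusted-key" and len(tok) >= 3:
            trusted.add(int(tok[2]))      # Step 4: key the peer must present
        elif tok[1] in ("server", "peer") and len(tok) >= 3:
            # `key <number>` on the association is not shown on the page.
            key = int(tok[tok.index("key") + 1]) if "key" in tok[3:-1] else None
            associations.append((tok[2], key))

    findings = []
    if not authenticate:
        findings.append("ntp authenticate is missing (feature is disabled by default)")
    for k in sorted(trusted - defined):
        findings.append(f"trusted-key {k} has no matching ntp authentication-key")
    for k in sorted(defined - trusted):
        findings.append(f"authentication-key {k} is defined but not trusted")
    for addr, key in associations:
        if key is None:
            findings.append(f"{addr}: association has no key configured")
        elif key not in (defined & trusted):
            findings.append(f"{addr}: key {key} is not both defined and trusted")
    return findings


if __name__ == "__main__":
    for finding in audit_ntp_auth(SAMPLE_CONFIG):
        print(finding)
```

An empty result for the three-line example above (key 42 defined, trusted, and authentication enabled) confirms the entries are consistent; the key value itself still has to match what the NTP server administrator configured.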