Configuration Procedure - 3Com MSR 50 Series Configuration Manual

Configuration Procedure

n
key. Namely, the ntp-service authentication enable command must work
together with the ntp-service authentication-keyid command and the
ntp-service reliable authentication-keyid command. Otherwise, the NTP
authentication function cannot be normally enabled.
For the server/client mode or symmetric mode, you need to associate the
■
specified authentication key on the client (symmetric-active peer if in the
symmetric peer mode) with the corresponding NTP server (symmetric-passive
peer if in the symmetric peer mode). Otherwise, the NTP authentication feature
cannot be normally enabled.
For the broadcast server mode or multicast server mode, you need to associate
■
the specified authentication key on the broadcast server or multicast server
with the corresponding NTP server. Otherwise, the NTP authentication feature
cannot be normally enabled.
For the server/client mode, if the NTP authentication feature has not been
■
enabled for the client, the client can synchronize with the server regardless the
NTP authentication feature has been enabled for the server or not.
For all synchronization modes, the server side and the client side must be
■
consistently configured.
If the NTP authentication is enabled on a client, the client can be synchronized
■
only to a server that can provide a trusted authentication key.
Configuring NTP authentication for a client
Follow these steps to configure NTP authentication for a client:
To do...
Enter system view
Enable NTP authentication
Configure an NTP
authentication key
Configure the key as a trusted
key
Associate the specified key
with an NTP server
After you enable the NTP authentication feature for the client, make sure that you
configure for the client an authentication key that is the same as on the server and
specify that the authentication is trusted; otherwise, the client cannot be
synchronized to the server.
Configuring NTP Authentication
Use the command...
system-view
ntp-service authentication
enable
ntp-service
authentication-keyid keyid
authentication-mode md5
value
ntp-service reliable
authentication-keyid keyid
Server/client mode:
ntp-service unicast-server
{ ip-address | server-name }
authentication-keyid keyid
Symmetric peers mode:
ntp-service unicast-peer
{ ip-address | peer-name }
authentication-keyid keyid
2061
Remarks
-
Required
Disabled by default
Required
No NTP authentication key by
default
Required
No authentication key is
configured to be trusted by
default
Required
You can associate a
non-existing key with an NTP
server. To enable NTP
authentication, you must
configure the key and specify
it as a trusted key after
associating the key with the
NTP server.