Configuring Ntp Authentication - 3Com 4500G Family Configuration Manual
24/48 port
Hide thumbs
Also See for 4500G Family:
- Getting started manual (92 pages) ,
- Datasheet (8 pages) ,
- Product manual (15 pages)
Table of Contents
Advertisement
Configuring NTP Authentication
The NTP authentication feature should be enabled for a system running NTP in a network where there
is a high security demand. This feature enhances the network security by means of client-server key
authentication, which prohibits a client from synchronizing with a device that has failed authentication.
Configuration Prerequisites
The configuration of NTP authentication involves configuration tasks to be implemented on the client
and on the server.
When configuring the NTP authentication feature, pay attention to the following principles:
For all synchronization modes, when you enable the NTP authentication feature, you should
configure an authentication key and specify it as a trusted key. Namely, the ntp-service
authentication enable command must work together with the ntp-service authentication-keyid
command and the ntp-service reliable authentication-keyid command. Otherwise, the NTP
authentication function cannot be normally enabled.
For the client/server mode or symmetric mode, you need to associate the specified authentication
key on the client (symmetric-active peer if in the symmetric peer mode) with the corresponding
NTP server (symmetric-passive peer if in the symmetric peer mode). Otherwise, the NTP
authentication feature cannot be normally enabled.
For the broadcast server mode or multicast server mode, you need to associate the specified
authentication key on the broadcast server or multicast server with the corresponding NTP server.
Otherwise, the NTP authentication feature cannot be normally enabled.
For the client/server mode, if the NTP authentication feature has not been enabled for the client,
the client can synchronize with the server regardless of whether the NTP authentication feature
has been enabled for the server or not. If the NTP authentication is enabled on a client, the client
can be synchronized only to a server that can provide a trusted authentication key.
For all synchronization modes, the server side and the client side must be consistently configured.
Configuration Procedure
Configuring NTP authentication for a client
Follow these steps to configure NTP authentication for a client:
To do...
Enter system view
Enable NTP authentication
Configure an NTP
authentication key
Configure the key as a trusted
key
Use the command...
system-view
ntp-service authentication
enable
ntp-service
authentication-keyid keyid
authentication-mode md5
value
ntp-service reliable
authentication-keyid keyid
1-14
Remarks
—
Required
Disabled by default
Required
No NTP authentication key by
default
Required
No authentication key is
configured to be trusted by
default.
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
