mchin345 Fri, 05/09/2008 - 07:37
User Badges:
  • Silver, 250 points or more

You can use ACLs to verify trusted NTP sources

michael.leblanc Mon, 06/02/2008 - 11:26
User Badges:
  • Silver, 250 points or more

Having a little difficulty interpreting your question.


The following would allow you to control which hosts are allowed to interact with NTP services on the Cisco device, and whether they can interact as clients or peers.


access-list 2 remark --- NTP Peers.

access-list 2 permit

access-list 2 deny any log


access-list 3 remark --- NTP Clients.

access-list 3 permit 192.168.1.0 0.0.0.255

access-list 3 deny any


ntp source Loopback0

ntp access-group peer 2

ntp access-group serve-only 3

ntp server



Perhaps refer to:


Network Time Protocol: Best Practices White Paper


http://www.cisco.com/warp/public/126/ntpm.pdf


Actions

This Discussion