Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

sensor configuration ntp

The sensor have xntpd daemon,but I can't find ntp.conf?

how can I use it become a ntp server or client?

2 REPLIES
Cisco Employee

Re: sensor configuration ntp

There is currently no support for ntp on the CIDS appliance. The next major release of the product (v4) will have support for ntp, including configuration commands in the CLI.

New Member

Re: sensor configuration ntp

We run our sensors in a ntp client configuration only. Simply rename /etc/inet/ntp.client to /etc/inet/ntp.conf and modify it for your needs.

Ex.:

# @(#)ntp.client 1.2 96/11/06 SMI

#

# /etc/inet/ntp.conf

#

# NTP client configuration

#

# insert your NTP servers here:

server 1.1.1.1

server 1.1.2.1

restrict default ignore # default: ignore all NTP msgs

# from all machines

restrict 127.0.0.1 # localhost is unrestricted

# nomodify: Don't allow modifications to local running configuration

# noquery: Don't allow hosts to query for time

restrict 1.1.1.1 nomodify noquery

restrict 1.1.2.1 nomodify noquery

driftfile /var/ntp/ntp.drift

After you have modified your time source ip addresses run the xntpd:

/etc/rc2.d/S74xntpd start as superuser and check after some minutes with the ntpq -p command if everything works.

You can also a ntp server but I wouldn't run it on a security device. If you need to do so, use the 'restrict xxx.xxx.xxx.xxx nomodify' configuration line to allow only a minimum ntp clients.

Although xntpd is not supported by Cisco it works perfectly for me without any problems. But make sure that you install the latest Service Pack for the sensor to install the latest Solaris patches also.

Wilfried

89
Views
0
Helpful
2
Replies
CreatePlease login to create content