07-11-2007 10:29 PM - edited 03-03-2019 05:49 PM
Hi Sir,
I have an NTP issue. Router R4 is an NTP master and router R2 is an NTP client.
R4
--
!
interface Loopback0
ip address 200.0.x.x.255.255.255
!
clock timezone CST -6
ntp source Loopback0
ntp master
!
R2
--
!
clock timezone CST -6
ntp authentication-key 1 md5 xxx
ntp authenticate
ntp trusted-key 1
ntp update-calendar
ntp server 200.0.0.4
!
R2#sh ntp sta
Clock is synchronized, stratum 9, reference is 200.0.0.4
nominal freq is 250.0000 Hz, actual freq is 250.0053 Hz, precision is 2**18
reference time is CA410B64.43C1EEE4 (14:19:48.264 CST Thu Jul 12 2007)
clock offset is -10.6025 msec, root delay is 33.62 msec
root dispersion is 14.45 msec, peer dispersion is 3.81 msec
R2#
Why, after enabling authentication on R2, R2 still synchronizes to R4? Do I need to configure similar authentication mechanism on R4? I have tried configure a different MD5 key on R4 and yet, R2 still synchronizes to R4 !
Can you please advise how NTP encrypted authentication is configured?
Thank you.
B.Rgds,
Lim TS
07-12-2007 07:28 AM
NTP Authentication is enforced by the NTP server, on this sample, R4 is the server.
In order to have authentication going between these 2 devices, just enter the following commands in R4
ntp authentication-key 1 md5 1419061B01007F 7
ntp authenticate
ntp trusted-key 1
07-14-2007 12:07 AM
Hello Toh Soon Lim.
Yes, as you say, NTP authentication's purpose is to identify if the server is trustworthy.
So when MASTER has wrong password, CLIENT will not synchronize with it.
You have a mistake in your configuration though. For client (R2) to use authentication, you have to type:
ntp server 200.0.0.4 key 1
Without the "key 1" at the end, authentication will not be used.
07-14-2007 08:44 AM
Hi,
You are right! For R2, I need to type "ntp server 200.0.0.4 key 1". With this command, R2 will not synchronize with R4 if R4's MD5 authentication key is different.
I'm confused with the command "ntp trusted-key 1". How is it related to other NTP authentication commands?
Thank you.
B.Rgds,
Lim TS
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide