RE: NTP authentication

From: Sam Munzani (sam@xxxxxxxxxx)
Date: Tue Aug 01 2000 - 11:26:53 GMT-3

• Next message: Patrick Duroseau: "ATM LEC config"
• Previous message: Sam Munzani: "Re: NTP authentication"
• Next in thread: Brian S turner: "RE: NTP authentication"
• Maybe reply: Brian S turner: "RE: NTP authentication"
• Maybe reply: Kenneth Kriel: "RE: NTP authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
That's good one. I am using access-group to prevent other people. You may
be right on NTP server authentication then.

On Mon, 31 Jul 2000, David H. Brown wrote:

> Sam,
>
> Several of us have it working with either as well. But, can you PREVENT a
> non-authenticating peer (a router with no authentication statement) from
> syncing with the server, WITHOUT using an access-group on the server? If
> so, please post the configs.
>
> David
> (RTP lab 8/6)
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Sam Munzani
> Sent: Monday, July 31, 2000 10:51 AM
> To: Derek Small
> Cc: John Conzone; Simon Hopkins; Andrew; ccielab
> Subject: Re: NTP authentication
>
>
> Wrong. I have it working with NTP server command.
>
> On Sun, 30 Jul 2000, Derek Small wrote:
>
> > You cannot use the "ntp server" command if you want to do authentication.
> Use the "NTP peer" command on both server and client to get it to work
> correctly.
> >
> > Derek Small
> > CCIE # 5832
> > dwsmall@fatkid.com
> >
> >
> > ----- Original Message -----
> > From: John Conzone
> > To: Simon Hopkins ; Andrew
> > Cc: ccielab
> > Sent: Sunday, July 30, 2000 4:09 PM
> > Subject: Re: NTP authentication
> >
> >
> > Simon, the problem is that if I enable authentication on the server
> side, the clients still connect whether I specify authentication on the
> client or not. I debug ntp auth and see NOTHING. I debug ntp packets and
> see the same whether I have authentication on or not.
> > I'm thinking that if I enable authentication on the server then none
> of the clients should be able to sync without authentication. Like OSPF or
> RIP2.
> > I have searched CCO and TAC database for any complete NTP
> authentication configs and have found none. I find that curious. I can't
> find any, not even partial using NTP authentication.
> > ----- Original Message -----
> > From: Simon Hopkins
> > To: Andrew
> > Cc: John Conzone ; ccielab
> > Sent: Sunday, July 30, 2000 3:09 PM
> > Subject: Re: NTP authentication
> >
> >
> > A common problem is using the "ntp server x.x.x.x" command without the
> "key"
> > e.g
> > ntp authenticate
> > ntp trusted-key 1
> > ntp authentication-key 1 md5 cisco
> > ntp server x.x.x.x key 1
> >
> >
> > Andrew wrote:
> >
> > Can you show us what configuration you are using?
> > At 12:44 PM 7/30/00 -0400, John Conzone wrote:
> >
> > I have 6 routers, one as NTP Master 1 and the others as NTP
> server X.X.X.X (ip of master).
> > I have no problem getting the other 5 to pull time from the master
> and clocks all synch up.
> > However, I cannot get authentication to work. The clients
> synch to the master regardless of whether authentication is on or not. I
> can't find any good examples of NTP authentication configuration. I'm sure
> I'm implementing wrong. Any help?
> > Thanks!
> >
>

• Next message: Patrick Duroseau: "ATM LEC config"
• Previous message: Sam Munzani: "Re: NTP authentication"
• Next in thread: Brian S turner: "RE: NTP authentication"
• Maybe reply: Brian S turner: "RE: NTP authentication"
• Maybe reply: Kenneth Kriel: "RE: NTP authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:24:19 GMT-3