From: Kenneth Wygand (KWygand@customonline.com)
Date: Fri Feb 06 2004 - 18:55:48 GMT-3
So in other words, since by design only NTP clients should initiate
authentication requests, NTP Authenticate should only be configured on
NTP clients, correct?
Kenneth E. Wygand
Systems Engineer, Project Services
CISSP #37102, CCNP, CCDP, ACSP, Cisco IPT Design Specialist, MCP, CNA,
Network+, A+
Custom Computer Specialists, Inc.
"Success is to be measured not so much by the position one has reached
in life as by the obstacles which he has overcome while trying to
succeed."
-Booker Taliaferro Washington
-----Original Message-----
From: Brian McGahan [mailto:bmcgahan@internetworkexpert.com]
Sent: Friday, February 06, 2004 4:54 PM
To: Kenneth Wygand; ccielab@groupstudy.com
Subject: RE: Ping Brian McGahan - Your NTP Paper
Ken,
The point of the command is to show that it is not required and
has
no effect. The 'ntp authenticate' command instructs the router to issue
an
authentication challenge to servers or peers that have an associated
authentication key configured. In case II of the paper, the client is
not
challenging the server. Therefore the authentication configuration on
the
server does not have any effect.
http://www.internetworkexpert.com/resources/01700369.htm
HTH,
Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> Kenneth Wygand
> Sent: Friday, February 06, 2004 2:55 PM
> To: ccielab@groupstudy.com
> Subject: Ping Brian McGahan - Your NTP Paper
>
> Brian,
>
>
>
> This question relates to your white paper on NTP
> (internetworkexpert.com), but can also be answered by the group.
>
>
>
> In the cases you list, case II is "Authentication on Master (R1) Only"
> and case IV is "Authentication on Master (R1) and Client (R2)".
>
>
>
> The configuration for R1 in case II is as follows:
>
>
>
> <snip>
>
> R1(config)#ntp master 1
>
> R1(config)#ntp authenticate
>
> R1(config)#ntp authentication-key 1 md5 CISCO
>
> <snip>
>
>
>
> Yet the configuration for R1 in case IV is as follows:
>
>
>
> <snip>
>
> R1(config)#ntp master 1
>
> R1(config)#ntp authentication-key 1 md5 CISCO
>
> <snip>
>
>
>
> Note the command "ntp authenticate" is listed in R1's configuration in
> case II but not in case IV. The description on both cases is that
> Authentication *IS* enabled on R1. Was this done intentionally, and
if
> so, why is "ntp authenticate" only required in case II.
>
>
>
> Thanks!
>
>
>
> Kenneth E. Wygand
> Systems Engineer, Project Services
>
> CISSP #37102, CCNP, CCDP, ACSP, Cisco IPT Design Specialist, MCP, CNA,
> Network+, A+
> Custom Computer Specialists, Inc.
>
> "Success is to be measured not so much by the position one has reached
> in life as by the obstacles which he has overcome while trying to
> succeed."
> -Booker Taliaferro Washington
>
>
This archive was generated by hypermail 2.1.4 : Fri Mar 05 2004 - 07:13:47 GMT-3