From: ccie2be (ccie2be@nyc.rr.com)
Date: Thu Jun 16 2005 - 15:15:25 GMT-3
Hey Patrick,
I'm trying to make R3 authenticate BB3, not the other way around.
In this case, BB3 is the ntp master and R3 is the ntp client. R3, as a
client wants to authenticate the authenticity of BB3.
BB3 is a ntp master. It doesn't care who's getting ntp time from it so it
won't authenticate anybody.
Thanks just the same.
Tim
-----Original Message-----
From: Patrick Aland [mailto:paland@gmail.com]
Sent: Thursday, June 16, 2005 2:07 PM
To: ccie2be
Subject: Re: NTP authentication
ntp authentication isn't turned on on your BB router. You're missing
an ntp authenticate and and a trusted key.
On 6/16/05, ccie2be <ccie2be@nyc.rr.com> wrote:
> Hi guys,
>
> This doesn't make much sense to me.
>
> R3 is getting ntp time from BB3.
>
> R3(config)#do r | in ntp
> ntp authentication-key 1 md5 123A2C243124 7
> ntp authenticate
> ntp trusted-key 1
> ntp server 204.12.1.254 key 1
>
>
> BB3's config's
>
> BB3#r | in ntp
> ntp authentication-key 1 md5 0802657D2A36 7
> ntp clock-period 17179837
> ntp master 4
> ntp server 172.16.4.1
>
> As you can see, both R3 and BB3 are using key 1.
>
> But, in the debug on R3, it shows key 0. Why is that?
>
> .Mar 1 06:29:34.518: Authentication key 0
> .Mar 1 06:29:34.518: NTP: packet from 204.12.1.254 failed validity tests
10
> .Mar 1 06:29:34.518: Authentication failed
> .Mar 1 06:30:38.519: Authentication key 0
> .Mar 1 06:30:38.519: NTP: packet from 204.12.1.254 failed validity tests
10
> .Mar 1 06:30:38.519: Authentication failed
> .Mar 1 06:31:42.520: Authentication key 0
> .Mar 1 06:31:42.520: NTP: packet from 204.12.1.254 failed validity tests
10
> .Mar 1 06:31:42.520: Authentication failed
>
>
> TIA, Tim
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
-- --Patrick
This archive was generated by hypermail 2.1.4 : Wed Jul 06 2005 - 14:43:41 GMT-3