From: Sila Moni (silamoni@yahoo.com)
Date: Thu Jul 07 2005 - 15:10:15 GMT-3
Peter,
From my understanding, NTP server authenticates with
the client. Therefore, "ntp trusted-key" statement is
only required on the client side. In the configure
below, you set the stratum on R2 to 10. That means
your client will be 11. The lower the stratum the
better - usually 1 or 2. Finally, if authentication
is both ways, the pass phrase should be the same.
Sila
> R2
> !
> ntp master 10
> ntp trusted-key 1
> ntp authenticate
> ntp authentication-key 1
> md5 ccie
> !
>
> R1
> !
> ntp server 10.0.0.2
> ntp trusted-key 1
> ntp authenticate
> ntp
> authentication-key 1 md5 cisco
--- Teesa Peter <tespet@rediffmail.com> wrote:
>
> Hi,
>
> R1 & R2 are connected through a point-to-point
> interface having ip
> addresses 10.0.0.1 & 10.0.0.2 respectively. R2 is
> the ntp master.R1 is
> synchronising with R2 and also I want to
> authenticate NTP.I configured R2 as:
> R2
> !
> ntp master 10
> ntp trusted-key 1
> ntp authenticate
> ntp authentication-key 1
> md5 ccie
> !
>
> R1
> !
> ntp server 10.0.0.2
> ntp trusted-key 1
> ntp authenticate
> ntp
> authentication-key 1 md5 cisco
> !
>
> Here the R1 is synchronising with R2 evenif
> the key or password are different.So is it that here
> authentication is not
> working ?
> The other thing is that if I change R1's ntp server
> command to
> include the "key" ie
> R1
> !
> ntp server 10.0.0.2 key 1
> !
>
> In this case R1 is
> not synchronising.Here R1 will synchronise only if
> both keys and passwords are
> same.
> So If I am asked to configure NTP authentication,
> need I add the "key"
> keyword to my "ntp server" or " ntp peer " statement
> ?
>
> Thanks,
> Peter
>
>
This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:00:29 GMT-3