Re: NTP Server

From: Mr.M (mnoktes@gmail.com)
Date: Fri Jan 02 2009 - 17:39:24 ARST

• Next message: Jared Scrivener: "RE: NTP Server"
• Previous message: Marko Milivojevic: "Re: Gold Partner and Dual CCIE"
• Maybe in reply to: Ed Man: "NTP Server"
• Next in thread: Jared Scrivener: "RE: NTP Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Eric,
  I don't know if that is correct statement. Please refer to cisco website
below and look at step 4.

http://www.cisco.com/univercd/cc/td/doc/product/netsec/secmgmt/asdmhelp/5_0procs/conf-ips/ntpserv.htm

Also I dont' see from internetworkexpert states that this command using only
on client. From what i understand, if you have more than one key on server,
then you can use this command to specific the one you want.

Cheers,
Monty
----- Original Message -----
From: "Eric Brouwers" <EricBrouwers@vodafone.nl>
To: "GS" <ccielab@groupstudy.com>
Cc: "Ed Man" <networkexpert08@gmail.com>
Sent: Friday, January 02, 2009 1:05 PM
Subject: Re: NTP Server

> Ed,
>
> Note that client authenticates server. ntp trusted-key statement is only
> needed on client. Server side only needs the ntp authentication-key.
> Check out this link:
> http://www.internetworkexpert.com/resources/ntp-authentication.htm
>
> It shows following example:
>
> Server:
>
> ntp master 1
> ntp authentication-key 1 md5 CISCO
>
> Client:
>
> ntp authenticate
> ntp authentication-key 1 md5 CISCO
> ntp trusted-key 1
> ntp server 12.0.0.1 key 1
>
> Eric Brouwers
>
> Radioactive Frog wrote:
>
> Hi Ed,
> 'ntp trusted-key 1' is to tell router which key is valid for NTP
> authentication.
> Mind you, ntp server will still be syncing time with other
> non-authenticated
> clients. e.g. client not configured to use authentication with server.
> The only way to do that is to apply ACL.
>
> HTH
> -Frog
> CCIE voice#21569
>
> On Sat, Jan 3, 2009 at 12:10 AM, Ed Man <networkexpert08@gmail.com>
> wrote:
>
> Hi Group,
>
> Got confused when labbing with NTP...
>
> Server:
> ntp authentication-key 1 md5 CISCO 0
> ntp trusted-key 1
> ntp master 4
>
> Client:
> ntp authentication-key 1 md5 032772382520 7
> ntp authenticate
> ntp clock-period 17179828
> ntp server 1.1.1.1 key 1
>
> If "ntp trusted-key 1" is removed from server, client can synchronized
> with
> server.
>
> My question is that do we really need server to have "ntp trusted-key
> 1"
> configured.
>
> Thanks
> Ed.
>
> Blogs and organic groups at http://www.ccie.net
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> Blogs and organic groups at http://www.ccie.net
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> --------------------------------------------------------------------
>
> No virus found in this incoming message.
> Checked by AVG - http://www.avg.com
> Version: 8.0.176 / Virus Database: 270.10.2/1871 - Release Date: 1-1-2009
> 17:01
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net

• Next message: Jared Scrivener: "RE: NTP Server"
• Previous message: Marko Milivojevic: "Re: Gold Partner and Dual CCIE"
• Maybe in reply to: Ed Man: "NTP Server"
• Next in thread: Jared Scrivener: "RE: NTP Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:36 ARST