EasyManuals Logo

Cisco A9K-SIP-700 User Manual

Cisco A9K-SIP-700
422 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #234 background imageLoading...
Page #234 background image
The encrypted NTP authentication scheme should be used when a reliable form of access control is required.
Unlike the access-list-based restriction scheme that is based on IP addresses, the encrypted authentication
scheme uses authentication keys and an authentication process to determine if NTP synchronization packets
sent by designated peers or servers on a local network are deemed as trusted, before the time information that
it carries along is accepted.
The authentication process begins from the moment an NTP packet is created. A message authentication code
(MAC) is computed using the MD5 Message Digest Algorithm and the MAC is embedded into an NTP
synchronization packet. The NTP synchronization packet together with the embedded MAC and key number
are transmitted to the receiving client. If authentication is enabled and the key is trusted, the receiving client
computes the MAC in the same way. If the computed MAC matches the embedded MAC, the system is
allowed to sync to the server that uses this key in its packets.
After NTP authentication is properly configured, your networking device only synchronizes with and provides
synchronization to trusted time sources.
SUMMARY STEPS
1.
configure
2.
ntp
3.
authenticate
4.
authentication-key key-number md5 [clear | encrypted] key-name
5.
trusted-key key-number
6.
Use one of the following commands:
•
end
•
commit
DETAILED STEPS
PurposeCommand or Action
configure
Step 1
Enters NTP configuration mode.ntp
Example:
RP/0/RSP0/CPU0:router(config)# ntp
Step 2
Enables the NTP authentication feature.authenticate
Example:
RP/0/RSP0/CPU0:router(config-ntp)#
authenticate
Step 3
Defines the authentication keys.
authentication-key key-number md5 [clear |
encrypted] key-name
Step 4
•
Each key has a key number, a type, a value, and, optionally, a
name. Currently the only key type supported is md5.
Cisco ASR 9000 Series Aggregation Services Router System Management Configuration Guide, Release 5.1.x
216
Implementing NTP
Configuring NTP Authentication

Table of Contents

Other manuals for Cisco A9K-SIP-700

Preview: Service Configuration Guide
Service Configuration Guide204 pages
Preview: Quick Reference Guide
Quick Reference Guide7 pages
Preview: Configuring
Configuring46 pages
Preview: Software Manual
Software Manual166 pages
Preview: System Configuration Guide
System Configuration Guide168 pages
Preview: Manual
Manual64 pages
Preview: Configuration Manual
Configuration Manual50 pages
Preview: Command Reference Guide
Command Reference Guide1138 pages
Preview: Command Reference
Command Reference590 pages
Preview: Installation Guide
Installation Guide284 pages
Preview: Configuration Guidelines
Configuration Guidelines694 pages
Preview: Configuration Guide
Configuration Guide604 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco A9K-SIP-700 and is the answer not in the manual?

Cisco A9K-SIP-700 Specifications

General IconGeneral
BrandCisco
ModelA9K-SIP-700
CategoryNetwork Router
LanguageEnglish

Related product manuals