Cisco Nexus 5600 Series - Configuring NTP Access Restrictions

To Next Page

To Previous Page

PurposeCommand or Action

(Optional)

Displays the configured NTP trusted keys.

switch(config)# show ntp

trusted-keys

Step 5

Enables or disables the NTP authentication feature. NTP

authentication is disabled by default.

switch(config)# [no] ntp

authenticate

Step 6

(Optional)

Displays the status of NTP authentication.

switch(config)# show ntp

authentication-status

Step 7

(Optional)

Saves the change persistently through reboots and restarts

by copying the running configuration to the startup

configuration.

switch(config)# copy

running-config startup-config

Step 8

This example shows how to configure the device to synchronize only to time sources that provide authentication

key 42 in their NTP packets:

switch# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)# ntp authentication-key 42 md5 aNiceKey

switch(config)# ntp server 10.1.1.1 key 42

switch(config)# ntp trusted-key 42

switch(config)# ntp authenticate

switch(config)# copy running-config startup-config

[########################################] 100%

switch(config)#

Configuring NTP Access Restrictions

You can control access to NTP services by using access groups. Specifically, you can specify the types of

requests that the device allows and the servers from which it accepts responses.

If you do not configure any access groups, NTP access is granted to all devices. If you configure any access

groups, NTP access is granted only to the remote device whose source IP address passes the access list criteria.

Procedure

PurposeCommand or Action

Enters global configuration mode.switch# configure terminal

Step 1

Creates or removes an access group to control NTP access and

applies a basic IP access list.

switch(config)# [no] ntp

access-group {peer | serve |

Step 2

serve-only | query-only}

access-list-name

The access group options are scanned in the following order, from

least restrictive to most restrictive. However, if NTP matches a deny

ACL rule in a configured peer, ACL processing stops and does not

continue to the next access group option.

•

The peer keyword enables the device to receive time requests

and NTP control queries and to synchronize itself to the servers

specified in the access list.

Cisco Nexus 5600 Series NX-OS System Management Configuration Guide, Release 7.x

226 OL-31641-01

Configuring NTP

Configuring NTP Access Restrictions

Main Page

Cisco Nexus 5600 Series - Configuring NTP Access Restrictions

Table of Contents

Other manuals for Cisco Nexus 5600 Series

Related product manuals