Even though the Time Sync Mode is set to Sntp,
time synchronization is disabled because no
sntp has disabled the SNTP Mode parameter.
Figure 9-11. Example of Disabling Time Synchronization by Disabling the SNTP Mode
SNTP Client Authentication
Enabling SNTP authentication allows network devices such as HP ProCurve
switches to validate the SNTP messages received from an NTP or SNTP server
before updating the network time. NTP or SNTP servers and clients must be
configured with the same set of authentication keys so that the servers can
authenticate the messages they send and clients (HP ProCurve switches) can
validate the received messages before updating the time.
This feature provides support for SNTP client authentication on HP ProCurve
switches, which addresses security considerations when deploying SNTP in
a network.
Requirements
The following must be configured to enable SNTP client authentication on the
switch.
SNTP Client Authentication Support
â– Timesync mode must be SNTP. Use the timesync sntp command.
(SNTP is disabled by default.)
■SNTP must be in unicast or broadcast mode. See “Configuring Unicast
and Broadcast Mode” on page 9-21.
â– The MD5 authentication mode must be selected.
â– An SNTP authentication key-identifier (key-id) must be configured on
the switch and a value (key-value) must be provided for the authenti-
cation key. A maximum of 8 sets of key-id and key-value can be
configured on the switch.
9-17
To Next Page
Loading...
Need help?
General