Configuring ntp authentication for a server – H3C Technologies H3C SecPath F1000-E User Manual
Page 122
111
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enable NTP authentication.
ntp-service authentication enable
By default, NTP authentication is
disabled.
3.
Configure an NTP
authentication key.
ntp-service authentication-keyid
keyid authentication-mode md5
value
By default, no NTP authentication
key is configured.
4.
Configure the key as a trusted
key.
ntp-service reliable
authentication-keyid keyid
By default, the authentication key is
not configured as a trusted key.
5.
Associate the specified key
with an NTP server.
•
Client/server mode:
ntp-service unicast-server
{ ip-address | server-name }
authentication-keyid keyid
•
Symmetric peers mode:
ntp-service unicast-peer
{ ip-address | peer-name }
authentication-keyid keyid
You can associate a non-existing
key with an NTP server. To enable
NTP authentication, you must
configure the key and specify it as
a trusted key after associating the
key with the NTP server.
After you enable the NTP authentication feature for the client, make sure that you configure for the client
an authentication key that is the same as on the server and specify that the authentication key is trusted.
Otherwise, the client cannot be synchronized to the server.
Configuring NTP authentication for a server
To configure NTP authentication for a server:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enable NTP authentication.
ntp-service authentication enable
By default, NTP authentication is
disabled.
3.
Configure an NTP
authentication key.
ntp-service authentication-keyid
keyid authentication-mode md5
value
By default, no NTP authentication
key is configured.
Configure the same authentication
key on the client and server.
4.
Configure the key as a trusted
key.
ntp-service reliable
authentication-keyid keyid
By default, the authentication key is
not configured as a trusted key.
5.
Enter interface view.
interface interface-type
interface-number
N/A
6.
Associate the specified key
with an NTP server.
•
Broadcast server mode:
ntp-service broadcast-server
authentication-keyid keyid
•
Multicast server mode:
ntp-service multicast-server
authentication-keyid keyid
You can associate a non-existing
key with an NTP server. To enable
NTP authentication, you must
configure the key and specify it as
a trusted key after associating the
key with the NTP server.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS