6-35
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Chapter6 Administering the Swi tc h Managing the System Time and Date
Default NTP Configuration
Table 6 -2 shows the default NTP configuration.
NTP is enabled on all interfaces by default. All interfaces receive NTP packets.
Configuring NTP Authentication
This procedure must be coordinated with the administrator of the NTP server; the information you configure
in this procedure must be matched by the servers used by the switch to synchronize its time to the NTP server.
Beginning in p r ivileged EXEC m o d e , follow these s teps to authenticate the associations (communications
between devices running NTP that provide for accurate timekeeping) with other devices for security
purposes:
Table6-2 Default NTP Configuration
Feature Default Setting
NTP authentication Disabled. No authentication key is specified.
NTP peer or server associations None configured.
NTP broadcast service Disabled; no interface sends or receives NTP broadcast packets.
NTP access restrictions No access control is specified.
NTP packet source IP address The source address is determined by the outgoing interface.
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 ntp authenticate Enable the NTP authentication feature, which is disabled by
default.
Step3 ntp authentication-key number md5 value Define the authentication keys. By default, none ar e de fine d.
For number, specify a key number. The range is 1 to
4294967295.
md5 specifies that message authentication support is provided
by using the message digest algorithm 5 (MD5).
For value, enter an arbitrary string of up to eight characters for
the key.
The switch does not synchronize to a device unless both have one
of these authentication keys, and the key number is specified by the
ntp trusted-key key-number command.
Step4 ntp trusted-key key-number Specify one or more key numbers (defined in Step 3) that a peer
NTP device must provide in its NTP packets for this switch to
synchronize to it.
By default, no trusted keys are defined.
For key-number, specify the key defined in Step 3.
This command provides protection against accidentally
synchronizing the switch to a device that is not trusted.