Cisco Systems DOC-7814982 Default NTP Configuration, Configuring NTP Authentication

7-37

Catalyst 2950 Desktop Switch Software Configuration Guide

78-14982-01

Chapter 7 Adminis tering the Switch Managi ng the System Ti me and Dat e

Default NTP Configuration

Table 7-2 shows the defaul t N TP co nfigurat ion .

NTP is enabled on all interfaces by default. All interfaces receive NTP packets.

This proced ure mus t be coordinat ed with the ad ministr ator o f the N TP ser ver; the i nformation you co nf igu re

in this procedure must be matched by the server s used by the switch to synchronize its time to the NTP serv er.

B e g inn ing i n p r iv i l ege d E XEC m o d e , f o llow the s e st e p s t o auth entic ate the associations (commu nicat ions

betwee n devices running NT P that provid e for accu rate tim ekeepin g) with oth er devices for secur ity

purposes:

Table 7-2 Default NTP Configuration

Feature Default Setting

NTP authentication Disabled. No authenticatio n key is specified.

NTP peer or server associations None configured.

NTP broadc ast servic e Disable d; no interface sen ds or receives NTP broadc ast packets.

NTP access restrictions No access control is specified.

NTP packet sourc e IP address The source ad dress is deter mined by the outg oing inte rface.

Command Purpose

Step 1 configure terminal Enter g lob al c onfigura tion m ode .

Step 2 ntp authenticate Enable the NTP authentication feature, wh ich is disabled by

default.

Step 3 ntp authentication-key number md5 value Define the au thent icatio n keys. By default , none are defined.

•For number, specify a key num be r. T he r an ge i s 1 to

4294967295.

•md5 specif ies th at me ss ag e au the nt ication support is provided

by using the messag e digest algor ithm 5 (MD5).

•For value, enter an arb itrar y stri ng of up to eigh t char acter s for

the key.

The switch does not synchr onize to a device unless both have one

of these authentication keys, and the key number is specified by the

ntp trusted-key key-number command.

Step 4 ntp trusted-key key-number Specify one or more key numbers (defined in Step 3) that a peer

NTP device must provide in its NTP packets for th is switch to

synchronize to it.

By defau lt, no t rust ed keys a re de fined.

For key-number, specify the key defined in Step 3.

This command provides protection against accidentally

synchronizing the switch to a device that is not trusted.