Configuring ntp authentication for an active peer, Configuring ntp authentication for a passive peer, Configuring ntp authentication in broadcast mode – H3C Technologies H3C WX5500E Series Access Controllers User Manual
Page 29
21
{
On the active peer, if NTP authentication is enabled and a key is associated with the passive
peer, but the key is not a trusted key, no matter whether NTP authentication is enabled or not on
the passive peer, the active peer does not synchronize to the passive peer.
•
When the active peer has a smaller stratum level than the passive peer:
On the active peer, if NTP authentication is not enabled, no key is specified to associate with the
passive peer, or the key is not a trusted key, the active peer can synchronize to the passive peer
as long as NTP authentication is disabled on the passive peer.
Configuring NTP authentication for an active peer
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enable NTP authentication.
ntp-service authentication enable
By default, NTP authentication is
disabled.
3.
Configure an NTP
authentication key.
ntp-service authentication-keyid
keyid authentication-mode md5
[ cipher | simple ] value
By default, no NTP authentication
key is configured.
Configure the same authentication
key on the active symmetric peer
and passive symmetric peer.
4.
Configure the key as a trusted
key.
ntp-service reliable
authentication-keyid keyid
By default, the authentication key is
not configured as a trusted key.
5.
Associate the specified key
with the passive peer.
ntp-service unicast-peer
{ ip-address | peer-name }
authentication-keyid keyid
You can associate a non-existing
key with a passive peer. To make
NTP authentication effective, you
must specify the key as an
authentication key and specify it as
a trusted key after associating the
key with the passive peer.
Configuring NTP authentication for a passive peer
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enable NTP authentication.
ntp-service authentication enable
By default, NTP authentication is
disabled.
3.
Configure an NTP
authentication key.
ntp-service authentication-keyid
keyid authentication-mode md5
[ cipher | simple ] value
By default, no NTP authentication
key is configured.
Configure the same authentication
key on the active symmetric peer
and passive symmetric peer.
4.
Configure the key as a trusted
key.
ntp-service reliable
authentication-keyid keyid
By default, the authentication key is
not configured as a trusted key.
Configuring NTP authentication in broadcast mode
Follow these instructions to configure NTP authentication in broadcast mode: