Network requirements, Configuring device a – H3C Technologies H3C SecPath F1000-E User Manual
Page 76
68
Item Description
Key 1
Set NTP authentication key.
The NTP authentication feature should be enabled for a system
running NTP in a network where there is a high security demand.
This feature enhances the network security by means of client-server
key authentication, which prohibits a client from synchronizing with
a device that has failed authentication.
You can set two authentication keys, each of which is composed of a
key ID and key string.
•
ID is the ID of a key.
•
Key string is a character string for MD5 authentication key.
Key 2
External Reference
Source
NTP Server
1/Reference
Key ID
Specify the IP address of an NTP server, and configure the
authentication key ID used for the association with the NTP server.
Only if the key provided by the server is the same with the specified
key will the device synchronize its time to the NTP server.
You can configure two NTP servers. The clients will choose the
optimal reference source.
IMPORTANT:
The IP address of an NTP server is a unicast address, and cannot be a
broadcast or a multicast address, or the IP address of the local clock
source.
NTP Server
2/Reference
Key ID
TimeZone
Set the time zone where the system resides.
Date and time configuration example in the Web interface
In this configuration example, either Device A or Device B is the SecPath firewall.
Network requirements
•
The local clock of Device A is set as the reference clock, with the stratum of 2.
•
Device B works in the client mode, and uses Device A as the NTP server.
Figure 46 Network diagram
Configuring Device A
Configure the local clock as the reference clock, with the stratum of 2:
1.
Select Device Management > System Time from the navigation tree.
2.
Click Net Time.
3.
Select 127.127.1.1 from the Local Reference Source list.
4.
Select 2 from the Stratum list.
5.
Click Apply.