NTP Authentication
When you enable NTP authentication, the device synchronizes to a time source only if the source carries the authentication keys specified with the source by key identifier. The device drops any packets that fail the authentication check, and prevents them from updating the local clock.
Client
|
#configure terminal |
Enter Configure mode. |
|
(config)#feature ntp vrf vrf1 |
Enable feature on default or management VRF |
|
(config)#ntp server 192.168.2.2 vrf vrf1 |
Configure ntp server ip address. |
|
(config)#ntp authenticate vrf vrf1 |
Enable NTP Authenticate. NTP authentication is disabled by default. |
|
(config)#ntp authentication-key 1 md5 cisco vrf vrf1 |
Configure ntp authentication key along with md5 value. |
|
(config)#ntp request-key 1 vrf vrf1 |
Configure reuest-key |
|
(config)#ntp trusted-key 1 vrf vrf1 |
Configure trusted key <1-65535> |
|
(config)#commit |
Commit the configuration |
|
(config)#exit |
Exit from the Configure Mode. |
Validation
#show ntp authentication-status
Authentication enabled
#show ntp authentication-keys
--------------------------
Auth Key MD5 String
--------------------------
1234 SWWX
#show ntp trusted-keys
Trusted Keys:
1234