GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
RE: NTP authentication posted 08/01/2000
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


That's good one. I am using access-group to prevent other people. You may
be right on NTP server authentication then.

On Mon, 31 Jul 2000, David H. Brown wrote:

> Sam,
> 
> Several of us have it working with either as well.  But, can you PREVENT a
> non-authenticating peer (a router with no authentication statement) from
> syncing with the server, WITHOUT using an access-group on the server?  If
> so, please post the configs.
> 
> David
> (RTP lab 8/6)
> 
> -----Original Message-----
> From: nobody@xxxxxxxxxxxxxx [mailto:nobody@xxxxxxxxxxxxxx]On Behalf Of
> Sam Munzani
> Sent: Monday, July 31, 2000 10:51 AM
> To: Derek Small
> Cc: John Conzone; Simon Hopkins; Andrew; ccielab
> Subject: Re: NTP authentication
> 
> 
> Wrong. I have it working with NTP server command.
> 
> On Sun, 30 Jul 2000, Derek Small wrote:
> 
> > You cannot use the "ntp server" command if you want to do authentication.
> Use the "NTP peer" command on both server and client to get it to work
> correctly.
> >
> > Derek Small
> > CCIE # 5832
> > dwsmall@xxxxxxxxxx
> >
> >
> >   ----- Original Message -----
> >   From: John Conzone
> >   To: Simon Hopkins ; Andrew
> >   Cc: ccielab
> >   Sent: Sunday, July 30, 2000 4:09 PM
> >   Subject: Re: NTP authentication
> >
> >
> >       Simon, the problem is that if I enable authentication on the server
> side, the clients still connect whether I specify authentication on the
> client or not. I debug ntp auth  and see NOTHING.  I debug ntp packets and
> see the same whether I have authentication on or not.
> >       I'm thinking that if I enable authentication on the server then none
> of the clients should be able to sync without authentication. Like OSPF or
> RIP2.
> >       I have searched CCO and TAC database for any complete NTP
> authentication configs and have found none. I find that curious. I can't
> find any, not even partial using NTP authentication.
> >     ----- Original Message -----
> >     From: Simon Hopkins
> >     To: Andrew
> >     Cc: John Conzone ; ccielab
> >     Sent: Sunday, July 30, 2000 3:09 PM
> >     Subject: Re: NTP authentication
> >
> >
> >     A common problem is using the "ntp server x.x.x.x" command without the
> "key"
> >     e.g
> >     ntp authenticate
> >     ntp trusted-key 1
> >     ntp authentication-key 1 md5 cisco
> >     ntp server x.x.x.x key 1
> >
> >
> >     Andrew wrote:
> >
> >        Can you show us what configuration you are using?
> >       At 12:44 PM 7/30/00 -0400, John Conzone wrote:
> >
> >             I have 6 routers, one as NTP Master 1 and the others as NTP
> server X.X.X.X (ip of master).
> >         I have no problem getting the other 5 to pull time from the master
> and clocks all synch up.
> >             However, I cannot get authentication to work. The clients
> synch to the master regardless of whether authentication is on or not. I
> can't find any good examples of NTP authentication configuration. I'm sure
> I'm implementing wrong. Any help?
> >             Thanks!
> >
> 
> _______________________________________________________
> To unsubscribe from the CCIELAB list, send a message to
> majordomo@xxxxxxxxxxxxxx with the body containing:
> unsubscribe ccielab
> 

_______________________________________________________
To unsubscribe from the CCIELAB list, send a message to
majordomo@xxxxxxxxxxxxxx with the body containing:
unsubscribe ccielab