12.2.6 Configuring Authentication
If the Switch authenticates with NTP client, NTP server, or symmetric connection, set the authentication key first. After that, specify the key number when setting according to the connection type to be used.
- <Structure of this section>
(1) Setting the authentication key
- Points to note
-
Set the key number and key used for NTP authentication.
Command examples
-
(config)# ntp authenticate
Enable NTP authorization feature.
-
(config)# ntp authentication-key 1 md5 NtP001
Set the key number 1 to "NtP001" as NTP key.
-
(config)# ntp trusted-key 1
Specifies key number 1 for NTP authentication.
(2) Client function
To use authentication with the client facility, configure the following settings:
- Points to note
-
Specify the key number set as the authentication key in key parameter of the command to set the client function. This example shows how to configure a unicast client.
Command examples
-
(config)# ntp server 192.168.1.100 key 1
Synchronizes the Switch's time with the host NTP servers (192.168.1.100). In this case, the key number of the authentication key sent by the Switch is set to 1 to authenticate using the key number 1. (The host NTP servers respond with the key number sent by the client.)
Set NTP authorization on the host NTP server in the same way.
(3) Server function
To use authentication with the server facility, make the following settings:
- Points to note
-
Specify the key number set as the authentication key in key parameter of the command to set the broadcast server function.
Command examples
-
(config)# interface vlan 300
(config-if)# ip address 192.168.100.1 255.255.255.0
(config-if)# ntp broadcast key 1
Specifies VLAN interfaces to which broadcast NTP messaging is sent. The key number sent from the Switch is 1.
(4) Symmetric connection
- Points to note
-
In key parameter of the command for which symmetric connection is to be set, specify the key number that is set as the authentication key.
Command examples
-
(config)# ntp peer 192.168.1.200 key 1
Synchronizes the time on the Switch with the symmetric destination NTP servers (192.168.1.200). In this case, the key number of the authentication key sent by the Switch is set to 1 in order to perform authentication using the key number 1. The Switch authenticates with the key number sent by the symmetrically connected NTP servers.
Set NTP certification on the symmetric destination NTP server in the same way.
The key number that the Switch sends and the key number that the symmetric destination NTP servers send can be used as key numbers. If this happens, add the key number that the symmetric destination NTP server sends when setting the authentication key.