To allow for software clock synchronization by the NTP server for the system, use the ntp server command in Configuration mode. Allows up to three servers each with a key in a separate line. The key is an optional parameter but the key is required for NTP authentication. The Cisco CDA always requires a valid and reachable NTP server.
Although key is an optional parameter, it must be configured if you need to authenticate an NTP server.
To disable this capability, use the no form of this command only when you want to remove an NTP server and add another one.
ntp server {ip-address | hostname} key <peer key number>
No servers are configured by default.
Use this ntp server command with a trusted key if you want to allow the system to synchronize with a specified server.
The key is optional, but it is required for NTP authentication. Define this key in the ntp authentication-key command first and add this key to the ntp trusted-key command before you can add it to the ntp server command.
The show ntp command displays the status of synchronization. If none of the configured NTP servers are reachable or not authenticated (if NTP authentication is configured), then this command displays synchronization to local with the least stratum. If an NTP server is not reachable or is not properly authenticated, then its reach as per this command statistics will be 0.
To define an NTP server configuration and authentication in the Cisco CDA admin user interface, see the System Time and NTP Server Settings section in the Cisco Identity Services Engine User Guide, Release 1.1.1.
Note This command gives conflicting information during the synchronization process. The synchronization process can take up to 20 minutes to complete.
/admin(config)# ntp server ntp.esl.cisco.com
key 1
% WARNING: Key 1 needs to be defined as a ntp trusted-key.
/admin(config)# ntp trusted-key
1
% WARNING: Key 1 needs to be defined as a ntp authentication-key.
/admin(config)# ntp authentication-key
1 md5 plain SharedWithServe
/admin(config)# ntp server
ntp.esl.cisco.com 1
/admin(config)# ntp server
171.68.10.80 2
/admin(config)# ntp server
171.68.10.150 3
/admin(config)# do show running-config
ip address 172.21.79.246 255.255.255.0
ip default-gateway 172.21.79.1
ntp authentication-key 1 md5 hash ee18afc7608ac7ecdbeefc5351ad118bc9ce1ef3
ntp authentication-key 2 md5 hash f1ef7b05c0d1cd4c18c8b70e8c76f37f33c33b59
ntp authentication-key 3 md5 hash ee18afc7608ac7ec2d7ac6d09226111dce07da37
ntp server ntp.esl.cisco.com key 1
ntp server 171.68.10.150 key 3
Primary NTP : cd-acs-ntp.cisco.com
synchronised to local net at stratum 11
remote refid st t when poll reach delay offset jitter
==============================================================================
*127.127.1.0 .LOCL. 10 l 46 64 37 0.000 0.000 0.001
171.68.10.80 .RMOT. 16 u 46 64 0 0.000 0.000 0.000
171.68.10.150 .INIT. 16 u 47 64 0 0.000 0.000 0.000
Warning: Output results may conflict during periods of changing synchronization.
Specifies key numbers for trusted time sources that needs to be defined as NTP authentication keys. |
|