07-23-2025 02:36 AM
Hi Team,
We have an on-prem Linux Chrony-based NTP server which is configured with "samay" Internet NTP servers to sync the time.
We are going to use the on-prem NTP server for all the local end hosts (like network devices, endpoints, servers, etc.).
I have configured the NTP authentication key on the local NTP server to support the NTP authentication on client side.
The NTP server is working properly with Cisco routers and switches with NTP authentication when using the keygen key auto-generated on the server with SHA256.
When the same key I am using on Cisco ISE it is not working - without ntp auth it is working.
So there are two scenarios:
1 - Generating the key on the NTP server with the keygen command
1 SHA256 HEX:adasndaksdnakdadkasdkansd
Using the same key on Cisco ISE
ntp authentication-key 1 sha256 plain HEX:adasndaksdnakdadkasdkansd
--Not working
2 - Manually configuring key on NTP server.
nano /etc/chrony.keys
10 SHA256 abcdefgh
Using the same key on Cisco ISE.
ntp authentication-key 10 sha256 plain abcdefgh
--Working.
Scenario 1 is working for all the Cisco router and switch.
The problem is that when I manually configure the key on the NTP server it is visible to the root user, but when I generate the key on the NTP server it is generated in HEX format, which is encrypted, and I want to use the auto-generated key from the NTP server, which is not working on Cisco ISE.
Any suggestions appreciated!
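In chrony's key file a `HEX:` prefix marks the key as hex-encoded bytes, while an unprefixed key is read as ASCII. The following added example (not part of the original post; the hex key, the packet, the helper names, and the client that reads the field literally are all constructed assumptions) shows the key bytes each reading yields and whether a SHA256 digest over key plus packet would still agree.

```python
import hashlib

def parse_chrony_key(line):
    """Parse one chrony.keys line ('ID [TYPE] KEY') the way chrony reads it."""
    fields = line.split()
    if len(fields) == 2:          # type omitted: chrony defaults to MD5
        fields.insert(1, "MD5")
    if len(fields) != 3:
        raise ValueError("expected: ID [TYPE] KEY")
    key_id, key_type, secret = fields
    if secret.startswith("HEX:"):
        key = bytes.fromhex(secret[4:])   # ValueError if not valid hex
    elif secret.startswith("ASCII:"):
        key = secret[6:].encode("ascii")
    else:
        key = secret.encode("ascii")
    return int(key_id), key_type.upper(), key

def literal_key(line):
    """Hypothetical client that uses the key field as-is, prefix included."""
    return line.split()[-1].encode("ascii")

def mac(key, packet):
    """SHA256 over key followed by packet (symmetric-key NTP style, untruncated)."""
    return hashlib.sha256(key + packet).digest()

def same_mac(line, packet):
    """True if chrony's reading and the literal reading authenticate alike."""
    return mac(parse_chrony_key(line)[2], packet) == mac(literal_key(line), packet)

# Constructed inputs: a 48-byte NTPv4 client header and two key-file lines.
PACKET = b"\x23" + bytes(47)
HEX_LINE = "1 SHA256 HEX:0123456789ABCDEF0123456789ABCDEF01234567"
ASCII_LINE = "10 SHA256 abcdefgh"

if __name__ == "__main__":
    for line in (HEX_LINE, ASCII_LINE):
        key_id, key_type, key = parse_chrony_key(line)
        print(key_id, key_type, len(key), "key bytes; literal reading has",
              len(literal_key(line)), "-> MACs match:", same_mac(line, PACKET))
```

A plain ASCII key gives the same bytes under both readings, so both sides compute the same digest; a `HEX:` key only matches when the client also decodes the hex.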
07-23-2025 02:40 AM
I have seen the same issue before with Nexus; upgrading the OS and Chrony to the latest version fixed the issue (this is just information, may be worth trying).
07-23-2025 04:11 AM
Even if you add it as plain text, it will be encrypted and not shown in the ISE CLI for other users. ISE uses something like a system protection key that encrypts all keys.
Check this
MHM