Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
398
Views
0
Helpful
5
Replies

Help with NTP

swilk
Level 1
Level 1

‎12-08-2005 07:17 AM - edited ‎03-03-2019 01:04 AM

I cannot get any of my Cisco switches to sync with an NTP server. I have configured a Windows Server to be the NTP server for all of my network equipment but it will not work. Here is the config:

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname xxxxxxxx

!

enable secret 5 XXXXXXXXXXXXXXXXXXXXX

!

no aaa new-model

ip subnet-zero

ip domain-name XXXXXXXXX

!

!

mls qos

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

class-map match-any 3megIN_OUT

match ip dscp default

class-map match-any 7.5megIN_OUT

match ip dscp default

class-map match-any 15megIN_OUT

match ip dscp default

!

!

policy-map 3megIN_OUT

class 3megIN_OUT

police 3000000 375000 exceed-action policed-dscp-transmit

policy-map 7.5megIN_OUT

class 7.5megIN_OUT

police 7496000 937500 exceed-action policed-dscp-transmit

policy-map 15megIN_OUT

class 15megIN_OUT

police 15000000 1000000 exceed-action policed-dscp-transmit

!

interface Vlan1

no ip address

shutdown

!

interface Vlan37

ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx

no ip route-cache

!

ip default-gateway xxx.xxx.xxx.xxx

ip classless

ip http server

!

!

control-plane

!

banner motd ^CYou are about to access xxxxxxxxxxxxxxxxxxxx.

All access is controlled. Unauthorized access is a violation

of Federal and State law and company policy.

Information systems, data and information are xx assets for

xx business use only.^C

!

line con 0

password xxxxxxxx

login

line vty 0 4

password xxxxxxxx

login

line vty 5 15

password xxxxxxxx

no login

!

ntp server xxx.xxx.45.167

!

end

xxxxxxxxxx#sho ntp status

Clock is unsynchronized, stratum 16, no reference clock

nominal freq is 119.2092 Hz, actual freq is 119.2092 Hz, precision is 2**17

reference time is 00000000.00000000 (19:00:00.000 EST Thu Dec 31 1899)

clock offset is 0.0000 msec, root delay is 0.00 msec

root dispersion is 0.00 msec, peer dispersion is 0.00 msec

xxxxxxxxxx#sho ntp ass

address ref clock st when poll reach delay offset disp

~xxx.xxx.45.167 207.46.130.100 3 7 64 3 0.9 -84160 7879.3

* master (synced), # master (unsynced), + selected, - candidate, ~ configured

Labels:
0 Helpful
5 Replies 5

mheusinger
Level 10
Level 10

‎12-08-2005 07:34 AM

Hi,

wouldn´t you need additionally something like:

clock timezone gmt

ntp source Loopback0

ntp update-calendar

ntp server xxx.xxx.45.167

Do you use authentication on your NTP server?

The use on the Switch:

ntp authentication-key 10 md5 MyNTPpassword

ntp authenticate

ntp trusted-key 10

Regards

Martin

0 Helpful

Georg Pauwen
VIP
VIP

‎12-08-2005 08:28 AM

Hello,

I might be off course here, but I seem to remotely remember having a similar problem, eventually I configured SNTP instead of NTP:

sntp server xxx.xxx.45.167

I think for Windows to work as an NTP server, you have to install a package like this:

PresenTense Time Server

http://www.bytefusion.com/windows-time-server/xp-2000-time-server/ntp-windows-time-server/whatispresentenseserver.htm

Regards,

GP

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Georg Pauwen

‎12-08-2005 09:25 AM

Georg

You are quite on course. The implementation of time service in Windows is based on SNTP. And Cisco devices running NTP will not sync with an SNTP server. So running SNTP on Cisco is an option.

Martin's suggestion about specifying time zone is nice but not necessary to being able to sync. And his suggestions about doing things like authentication of NTP are good practice, assuming that you are using the NTP service rather than the SNTP.

HTH

Rick

HTH

Rick
0 Helpful

Kevin Dorrell
Level 10
Level 10
In response to Richard Burts

‎12-09-2005 12:12 AM

Rick,

That is useful information. Thanks. One question: will it do it OK the other way. That is, if I have set my router as NTP master (not SNTP), can I get the Windows domain to synchronise from it?

Kevin Dorrell

Luxembourg

0 Helpful

michael.armstrong
Level 1
Level 1
In response to Kevin Dorrell

‎12-09-2005 07:17 AM

Yes. We use our Internet-facing router to acquire stratum 1 time, then our core switch acquires time from the router, and the rest of the network gets it from the core switch. Bottom line -- Cisco devices can play NTP among themselves with no problems.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents