Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
908
Views
0
Helpful
7
Replies

NTP configuration on Cisco IDS

msmitha
Level 1
Level 1

‎10-23-2003 11:08 AM - edited ‎03-09-2019 05:15 AM

When I try to configure NTP on my 4215, I get this error (below). I have tried rebooting the sensor but the sensor came back up with no ntpServer configured. There is no connectivity issue between the ntp server and the sensor.

sensor(config-Host-tim)# ntpServers ipAddress A.B.C.D

sensor(config-Host-tim-ntp)# keyId 1

sensor(config-Host-tim-ntp)# keyValue secret

sensor(config-Host-tim-ntp)# exit

sensor(config-Host-tim)# show sett

timeParams

-----------------------------------------------

offset: 0 minutes <defaulted>

standardTimeZoneName: UTC <defaulted>

summerTimeParams

-----------------------------------------------

-----------------------------------------------

ntpServers (min: 0, max: 1, current: 1)

-----------------------------------------------

ipAddress: A.B.C.D

keyId: 1

keyValue: secret

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

sensor(config-Host-tim)# exit

sensor(config-Host)# exit

Apply Changes:?[yes]: yes

Error: Could not run ntpdate utility. Fatal Error has occurred. Node MUST be rebooted to enable alarming.

Labels:
0 Helpful
7 Replies 7

scoclayton
Level 7
Level 7

‎10-23-2003 08:07 PM

Hi,

I actually saw something similar with 4.0 first came out. Unfortunately, I never bothered to figure out what was happening as it always seemed to work after I upgraded the code on the sensor. Are you running a 4.0(1) release? If so, cann you go ahead and apply the 4.1(1) update and re-test. I think we may have fixed this but to be honest, I am really not sure. Let me know.

Scott

0 Helpful

deckles
Level 1
Level 1
In response to scoclayton

‎11-10-2003 09:34 AM

I'm not certain how msmitha got this working - perhaps it's the difference in IDS platform. I am in the process of deploying a couple of IDSM-2 modules and have never been able to get NTP to work. The same fatal error message comes up. Using "show settings" reveals that no NTP server configuration was accepted:

id-main2d-1(config-Host-tim)# show sett

timeParams

-----------------------------------------------

offset: 0 minutes default: 0

standardTimeZoneName: GMT default: UTC

summerTimeParams

-----------------------------------------------

-----------------------------------------------

ntpServers (min: 0, max: 1, current: 0)

-----------------------------------------------

In addition, the IDSM modules running 4.1(1)S47 were not even obtaining time from the switches that they are installed in. A recent upgrade to the 4.1(2)S58 release has apparently fixed that issue (time on the IDS now matches the time on the switch), however NTP configuration attempts continue to fail.

0 Helpful

jamesand
Cisco Employee
Cisco Employee
In response to deckles

‎11-10-2003 03:59 PM

One reason for the fatal error message is that the ntp daemon (ntpd) is already running when the ntpdate utility is run - this causes ntpdate to fail. Another cause for ntpdate to fail could be a configuration problem or an unsupported ntp server.

Can you send me some info on the ntp server you are using?

Also, you could try running the ntpdate command (as root) from the sensor service account and see if you get any more information. Make sure that ntpd is not running. You can run "killall -INT ntpd" if it is.

0 Helpful

deckles
Level 1
Level 1
In response to jamesand

‎11-13-2003 01:08 PM

Attempting to obtain time from a 7200 router configured as follows:

ntp authentication-key xxxxxxxxxx

ntp authenticate

ntp trusted-key 1

I verified that ntpd is not running and attempted to run ntpdate manually with the following output:

[root@id-main2d-1 root]# ntpdate -a 1 -k /tmp/ntpkey 205.136.119.225

13 Nov 20:57:27 ntpdate[2932]: cannot change keyid 0, key entry `T!ckT0ck' ignored

13 Nov 20:57:31 ntpdate[2932]: no server suitable for synchronization found

Is the keyid the problem? I'm unable to use keyid 0 on the router, but the IDS apparently won't accept keyid 1. I also tried a password that did not have a special character in it, with no success.

0 Helpful

jamesand
Cisco Employee
Cisco Employee
In response to deckles

‎11-14-2003 11:01 AM

Try running the ntpdate command (this is what the IDS s/w runs):

> ntpdate -b 205.136.119.225

NOTE: the ntp server configuration should be defined in the /etc/ntp.conf file and the keys in /etc/ntp/keys on the sensor. The cli setup should allow you to enter a keyid of "1".

0 Helpful

jamesand
Cisco Employee
Cisco Employee

‎10-24-2003 07:38 AM

There is a known NTP bug with this symptom. It occurs when you have NTP configured and then make an NTP configuration change (ntpdate will error if the ntp daemon is already running). You might try this workaround:

- remove all NTP servers

- apply changes

- add NTP server

- apply changes

If this does not work, then this problem is either a misconfiguration or a connectivity issue.

0 Helpful

msmitha
Level 1
Level 1
In response to jamesand

‎10-24-2003 09:49 AM

Thanks for the help. I got it working now - removed, saved changes, reset the sensor, configured ntp again and it's working fine.

0 Helpful
Customers Also Viewed These Support Documents