Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8320
Views
20
Helpful
7
Replies

NTP Authentication Issue

Go to solution
Not applicable

‎08-20-2013 08:01 AM - last edited on ‎03-07-2019 03:02 PM by

While I am configuring C7609 route or C6509 switch as ntp server and Cisco 2811 router as ntp client,ntp was not working if the authentication is configured in client side, when removing authentication part from the client ONLY ntp is working, below are attached config:

NTP Server:     

HQ-7609#sh run | inc ntp

ntp authentication-key 1 md5 <KEY>

ntp authenticate

ntp trusted-key 1

ntp clock-period 17179881

ntp source Loopback0

ntp master 2

ntp server 10.10.5.2 key 1

NTP Client:

R1#sh run | inc ntp

ntp authentication-key 1 md5 <KEY>

ntp authenticate

ntp clock-period 17179903

ntp server 10.10.5.2 key 1

Please advice....

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Karsten Iwen
VIP
VIP
In response to

‎08-21-2013 01:43 AM

Then it's a really strange config ... Try it the "traditional" way:

Server:

ntp authentication-key 1 md5

ntp trusted-key 1

ntp master

Client:

ntp authentication-key 1 md5

ntp authenticate

ntp server 10.10.5.2 key 1

ntp trusted-key 1

After some waiting (NTP is *really* slow) post the output of "show ntp associations".

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

View solution in original post

7 Replies 7

Go to solution
Karsten Iwen
VIP
VIP

‎08-20-2013 08:03 AM

The client also needs "ntp trusted-key 1".

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Go to solution
Not applicable
In response to Karsten Iwen

‎08-20-2013 10:54 PM

Add the command "ntp trusted-key 1" to the client also the same. my question why the client synchronized with NTP server when I remove the authentication part from the client?

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to

‎08-21-2013 12:51 AM

if you remove "ntp authenticate" the client just doesn't care about authentication and always can synchronize with a compatible server.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

0 Helpful

Go to solution
Not applicable
In response to Karsten Iwen

‎08-21-2013 01:00 AM

Ok, but why when authentication exist the client doesn't syncronized with the server ?

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to

‎08-21-2013 01:12 AM

What is you actual config? It seems that HQ-7609 is not the NTP-server as that device also synchonizes to IP 10.10.5.2. And how is the NTP-config for that device?

Additionally, if you synchronize to an external source, you don't need "ntp master".

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

0 Helpful

Go to solution
Not applicable
In response to Karsten Iwen

‎08-21-2013 01:38 AM

IP 10.10.5.2 is loopback address of C7609 router and at the same time it is a master.

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to

‎08-21-2013 01:43 AM

Then it's a really strange config ... Try it the "traditional" way:

Server:

ntp authentication-key 1 md5

ntp trusted-key 1

ntp master

Client:

ntp authentication-key 1 md5

ntp authenticate

ntp server 10.10.5.2 key 1

ntp trusted-key 1

After some waiting (NTP is *really* slow) post the output of "show ntp associations".

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card