Configuring Ntp Access Restrictions - Cisco Nexus 5600 Series Configuration Manual
Nx-os system management
Hide thumbs
Also See for Nexus 5600 Series:
- Hardware installation manual (100 pages) ,
- Reference (480 pages)
Table of Contents
Advertisement
Configuring NTP Access Restrictions
Step 5
Step 6
Step 7
Step 8
This example shows how to configure the device to synchronize only to time sources that provide authentication
key 42 in their NTP packets:
switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)# ntp authentication-key 42 md5 aNiceKey
switch(config)# ntp server 10.1.1.1 key 42
switch(config)# ntp trusted-key 42
switch(config)# ntp authenticate
switch(config)# copy running-config startup-config
[########################################] 100%
switch(config)#
Configuring NTP Access Restrictions
You can control access to NTP services by using access groups. Specifically, you can specify the types of
requests that the device allows and the servers from which it accepts responses.
If you do not configure any access groups, NTP access is granted to all devices. If you configure any access
groups, NTP access is granted only to the remote device whose source IP address passes the access list criteria.
Procedure
Step 1
Step 2
Cisco Nexus 5600 Series NX-OS System Management Configuration Guide, Release 7.x
226
Command or Action
switch(config)# show ntp
trusted-keys
switch(config)# [no] ntp
authenticate
switch(config)# show ntp
authentication-status
switch(config)# copy
running-config startup-config
Command or Action
switch# configure terminal
switch(config)# [no] ntp
access-group {peer | serve |
serve-only | query-only}
access-list-name
Purpose
(Optional)
Displays the configured NTP trusted keys.
Enables or disables the NTP authentication feature. NTP
authentication is disabled by default.
(Optional)
Displays the status of NTP authentication.
(Optional)
Saves the change persistently through reboots and restarts
by copying the running configuration to the startup
configuration.
Purpose
Enters global configuration mode.
Creates or removes an access group to control NTP access and
applies a basic IP access list.
The access group options are scanned in the following order, from
least restrictive to most restrictive. However, if NTP matches a deny
ACL rule in a configured peer, ACL processing stops and does not
continue to the next access group option.
• The peer keyword enables the device to receive time requests
and NTP control queries and to synchronize itself to the servers
specified in the access list.
Configuring NTP
OL-31641-01
- Quick Links:
- Table of Contents
Hide quick links:
Advertisement
Table of Contents
