3com 4210 PWR 9-Port 3CR17341-91-ME ユーザーズマニュアル
製品コード
3CR17341-91-ME
376
C
HAPTER
35: NTP C
ONFIGURATION
n
The access-control right mechanism provides only a minimum degree of security
protection for the local switch. A more secure method is identity authentication.
protection for the local switch. A more secure method is identity authentication.
Configuring NTP
Authentication
Authentication
In networks with higher security requirements, the NTP authentication function
must be enabled to run NTP. Through password authentication on the client and
the server, the clock of the client is synchronized only to that of the server that
passes the authentication. This improves network security. Table 290 shows the
roles of devices in the NTP authentication function.
must be enabled to run NTP. Through password authentication on the client and
the server, the clock of the client is synchronized only to that of the server that
passes the authentication. This improves network security. Table 290 shows the
roles of devices in the NTP authentication function.
Configuration
Prerequisites
NTP authentication configuration involves:
■
Configuring NTP authentication on the client
■
Configuring NTP authentication on the server
Observe the following principles when configuring NTP authentication:
■
If the NTP authentication function is not enabled on the client, the clock of the
client can be synchronized to a server no matter whether the NTP
authentication function is enabled on the server (assuming that other related
configurations are properly performed).
client can be synchronized to a server no matter whether the NTP
authentication function is enabled on the server (assuming that other related
configurations are properly performed).
■
For the NTP authentication function to take effect, a trusted key needs to be
configured on both the client and server after the NTP authentication is
enabled on them.
configured on both the client and server after the NTP authentication is
enabled on them.
■
The local clock of the client is only synchronized to the server that provides a
trusted key.
trusted key.
■
In addition, for the server/client mode and the symmetric peer mode, you need
to associate a specific key on the client (the symmetric-active peer in the
symmetric peer mode) with the corresponding NTP server (the
symmetric-passive peer in the symmetric peer mode); for the NTP
broadcast/multicast mode, you need to associate a specific key on the
broadcast/multicast server with the corresponding NTP broadcast/multicast
client. Otherwise, NTP authentication cannot be enabled normally.
to associate a specific key on the client (the symmetric-active peer in the
symmetric peer mode) with the corresponding NTP server (the
symmetric-passive peer in the symmetric peer mode); for the NTP
broadcast/multicast mode, you need to associate a specific key on the
broadcast/multicast server with the corresponding NTP broadcast/multicast
client. Otherwise, NTP authentication cannot be enabled normally.
■
Configurations on the server and the client must be consistent.
Table 290 Description of the device roles in NTP authentication function
Role of device
Working mode
Client
Client in the server/client mode
Client in the broadcast mode
Client in the multicast mode
Symmetric-active peer in the symmetric peer
mode
mode
Server
Server in the server/client mode
Server in the broadcast mode
Server in the multicast mode
Symmetric-passive peer in the symmetric peer
mode
mode