Manualsbrain.com
  1. Инструкции и руководства
  2. Бренды
  3. 3com
  4. S7906E
  5. Инструкции По Установке

Инструкции По Установке для 3com S7906E

Скачать
Страница из 2621
 
1-14 
Configuration Prerequisites 
Prior to configuring the NTP service access-control right to the local device, you need to create and 
configure an ACL associated with the access-control right. For the configuration of ACL, refer to ACL 
Configuration in the Security Volume
Configuration Procedure 
Follow these steps to configure the NTP service access-control right to the local device: 
To do… 
Use the command… 
Remarks 
Enter system view 
system-view 
— 
Configure the NTP service 
access-control right for a peer 
device to access the local 
device  
ntp-service access { peer | 
query | server | 
synchronization acl-number
Required 
peer by default 
 
 
The access-control right mechanism provides only a minimum degree of security protection for the 
system running NTP. A more secure method is identity authentication. 
 
Configuring NTP Authentication 
The NTP authentication feature should be enabled for a system running NTP in a network where there 
is a high security demand. This feature enhances the network security by means of client-server key 
authentication, which prohibits a client from synchronizing with a device that has failed authentication. 
Configuration Prerequisites 
The configuration of NTP authentication involves configuration tasks to be implemented on the client 
and on the server. 
When configuring the NTP authentication feature, pay attention to the following principles: 
For all synchronization modes, when you enable the NTP authentication feature, you should 
configure an authentication key and specify it as a trusted key. Namely, the ntp-service 
authentication enable command must work together with the ntp-service authentication-keyid 
command and the ntp-service reliable authentication-keyid command. Otherwise, the NTP 
authentication function cannot be normally enabled. 
For the client/server mode or symmetric mode, you need to associate the specified authentication 
key on the client (symmetric-active peer if in the symmetric peer mode) with the corresponding 
NTP server (symmetric-passive peer if in the symmetric peer mode). Otherwise, the NTP 
authentication feature cannot be normally enabled. 
For the broadcast server mode or multicast server mode, you need to associate the specified 
authentication key on the broadcast server or multicast server with the corresponding NTP server. 
Otherwise, the NTP authentication feature cannot be normally enabled.