Manualshelf

Management and Configuration Guide K/KA/KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5406R-8XGT/8SFP+ (No PSU) v2 zl2 Switch
31323334353637383940
Example 7 How to list all SNTP servers configured on the switch
(HP_Switch_name#) show management
Status and Counters - Management Address Information
Time Server Address : fe80::215:60ff:fe7a:adc0%vlan10
Priority SNTP Server Address Protocol Version
-------- ---------------------------------------------- ----------------
1 2001:db8::215:60ff:fe79:8980 7
2 10.255.5.24 3
3 fe80::123%vlan10 3
Default Gateway : 10.0.9.80
VLAN Name MAC Address | IP Address
------------ ------------------- + -------------------
DEFAULT_VLAN 001279-88a100 | Disabled
VLAN10 001279-88a100 | 10.0.10.17
Enabling SNTP client authentication
The command sntp authentication enables SNTP client authentication on the switch. If
SNTP authentication is not enabled, SNTP packets are not authenticated.
Enabling SNTP authentication allows network devices such as HP switches to validate the SNTP
messages received from an NTP or SNTP server before updating the network time. NTP or SNTP
servers and clients must be configured with the same set of authentication keys so that the servers
can authenticate the messages they send and clients (HP switches) can validate the received
messages before updating the time.
This feature provides support for SNTP client authentication on HP switches, which addresses
security considerations when deploying SNTP in a network.
Requirements to enable SNTP client authentication
You must configure all of the the following items to enable SNTP client authentication on the switch.
SNTP client Authentication Support Requirements
Timesync mode must be SNTP. Use the timesync sntp command. SNTP is disabled by
default.
SNTP must be in unicast or broadcast mode.
The MD5 authentication mode must be selected.
An SNTP authentication key-identifier (key-id) must be configured on the switch and a value
(key-value) must be provided for the authentication key. A maximum of 8 sets of key-id
and key-value can be configured on the switch.
Among the keys that have been configured, one key or a set of keys must be configured as
trusted. Only trusted keys will be used for SNTP authentication.
If the SNTP server requires authentication, one of the trusted keys has to be associated with
the SNTP server.
SNTP client authentication must be enabled on the HP switch. If client authentication is disabled,
packets are processed without authentication. All of the above steps are necessary to enable
authentication on the client.
Viewing and configuring time synchronization protocol parameters 33