F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices System Management and Maintenance Configuration Guide-6PW100
129
source reference stra reach poll now offset delay disper
**************************************************************************
[1234] 3.0.1.31 127.127.1.0 2 255 64 26 -16.0 40.0 16.6
note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured
Total associations : 1
For more information about how to configuration IGMP and PIM, see Network Management
Configuration Guide.
253BConfiguring NTP client/server mode with authentication
In this example, Device A is the Firewall.
432BNetwork requirements
As shown in 847HFigure 56, perform the following configurations to synchronize the time between Device B
and Device A and ensure network security.
• The local clock of Device A is to be configured as a reference source, with the stratum level 2.
• Device B operates in client mode and Device A is to be used as the NTP server of Device B, with
Device B as the client.
• NTP authentication is to be enabled on both Device A and Device B.
Figure 56 Network diagram
433BConfiguration procedure
1. Set the IP address for each interface as shown in 848HFigure 56. (Details not shown.)
2. Configure Device A:
# Specify the local clock as the reference source, with the stratum level 2.
<DeviceA> system-view
[DeviceA] ntp-service refclock-master 2
3. Configure Device B:
<DeviceB> system-view
# Enable NTP authentication on Device B.
[DeviceB] ntp-service authentication enable
# Set an authentication key.
[DeviceB] ntp-service authentication-keyid 42 authentication-mode md5 aNiceKey
# Specify the key as a trusted key.
[DeviceB] ntp-service reliable authentication-keyid 42
# Specify Device A as the NTP server of Device B.
[DeviceB] ntp-service unicast-server 1.0.1.11 authentication-keyid 42
Before Device B can synchronize to Device A, enable NTP authentication for Device A.
4. Perform the following configuration on Device A:
# Enable NTP authentication.
[DeviceA] ntp-service authentication enable