R3721-F3210-F3171-HP High-End Firewalls Getting Started Guide-6PW101
67
Table 12 Configuration items
Item Descri
p
tion
Clock status Displays the synchronization status of the system clock.
Local Reference Source
Set the IP address of the local clock source to 127.127.1.u, where u
ranges from 0 to 3, representing the NTP process ID.
• If the IP address of the local clock source is specified, the local
clock is used as the reference clock, and thus can provide time for
other devices.
• If the IP address of the local clock source is not specified, the local
clock is not used as the reference clock.
Stratum
Set the stratum level of the local clock.
The stratum level of the local clock decides the precision of the local
clock. A higher value indicates a lower precision. A stratum 1 clock
has the highest precision, and a stratum 16 clock is not synchronized
and cannot be used as a reference clock.
Source Interface
Set the source interface for an NTP message.
If you do not want the IP address of a certain interface on the local
device to become the destination address of response messages,
you can specify the source interface for NTP messages, so that the
source IP address in the NTP messages is the primary IP address of
this interface. If the specified source interface is down, the source IP
address of the NTP messages sent is the primary IP address of the
outbound interface.
Key 1
Set NTP authentication key.
The NTP authentication feature should be enabled for a system
running NTP in a network where there is a high security demand.
This feature enhances the network security by means of client-server
key authentication, which prohibits a client from synchronizing with
a device that has failed authentication.
You can set two authentication keys, each of which is composed of a
key ID and key string.
• ID is the ID of a key.
• Key string is a character string for MD5 authentication key.
Key 2
External Reference
Source
NTP Server
1/Reference
Key ID
Specify the IP address of an NTP server, and configure the
authentication key ID used for the association with the NTP server.
Only if the key provided by the server is the same with the specified
key will the device synchronize its time to the NTP server.
You can configure two NTP servers. The clients will choose the
optimal reference source.
IMPORTANT:
The IP address of an NTP server is a unicast address, and cannot be a
broadcast or a multicast address, or the IP address of the local clock
source.
NTP Server
2/Reference
Key ID
TimeZone Set the time zone where the system resides.
Date and time configuration example
In this configuration example, either Device A or Device B is the Firewall.