Manualshelf

R3721-F3210-F3171-HP High-End Firewalls System Management and Maintenance Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
121122123124125126127128129130
117
As shown above, Device B has been synchronized to Device A, and the clock stratum level of
Device B is 3, while that of Device A is 2.
# View the NTP session information of Device B, which shows that an association has been set up
Device B and Device A.
[DeviceB] display ntp-service sessions
source reference stra reach poll now offset delay disper
**************************************************************************
[12345] 1.0.1.11 127.127.1.0 2 63 64 3 -75.5 31.0 16.5
note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured
Total associations : 1
Configuring the NTP broadcast mode with authentication
Network requirements
As shown in Figure 55, Firewall C functions as the NTP server for multiple devices on different network
segments and synchronizes the time among multiple devices. Firewall C's local clock is to be used as a
reference source, with the stratum level of 3. Firewall C operates in broadcast server mode and sends out
broadcast messages from GigabitEthernet 0/1. Firewall D operates in broadcast client mode and
receives broadcast client through GigabitEthernet 0/1.
NTP authentication is enabled on both Firewall C and Firewall D.
Figure 55 Network diagram
Configuration procedure
1. Set the IP address for each interface as shown in Figure 55. (Details not shown.)
2. Configure Firewall C:
# Specify the local clock as the reference source, with the stratum level of 3.
<FirewallC> system-view
[FirewallC] ntp-service refclock-master 3
# Configure NTP authentication.
[FirewallC] ntp-service authentication enable
[FirewallC] ntp-service authentication-keyid 88 authentication-mode md5 123456
[FirewallC] ntp-service reliable authentication-keyid 88
# Specify Firewall C as an NTP broadcast server, and specify an authentication key.