HP VPN Firewall Appliances System Management and Maintenance Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

121

122

123

124

125

126

127

128

129

130

117

Item Descri

tion

Local Reference Source

Set the IP address of the local clock source to 127.127.1.u, where u

represents the NTP process ID in the range of 0 to 3.

• If the IP address of the local clock source is specified, the local

clock is used as the reference clock, and thus can provide time for

other devices.

• If the IP address of the local clock source is not specified, the local

clock is not used as the reference clock.

Stratum

Set the stratum level of the local clock.

The stratum level of the local clock decides the precision of the local

clock. A higher value indicates a lower precision. A stratum 1 clock

has the highest precision, and a stratum 16 clock is not synchronized

and cannot be used as a reference clock.

Source Interface

Set the source interface for an NTP message.

If you do not want the IP address of a certain interface on the local

device to become the destination address of response messages, you

can specify the source interface for NTP messages, so that the source

IP address in the NTP messages is the primary IP address of this

interface. If the specified source interface is down, the source IP

address of the NTP messages sent is the primary IP address of the

outbound interface.

Key 1 Set NTP authentication key.

The NTP authentication feature should be enabled for a system

running NTP in a network where there is a high security demand. This

feature enhances the network security by means of client-server key

authentication, which prohibits a client from synchronizing with a

device that has failed authentication.

You can set two authentication keys, each of which is composed of a

key ID and key string.

• ID is the ID of a key.

• Key string is a character string for MD5 authentication key.

Key 2

External

Reference

Source

NTP Server

1/Reference

Key ID.

Specify the IP address of an NTP server, and configure the

authentication key ID used for the association with the NTP server.

Only if the key provided by the server is the same with the specified

key will the device synchronize its time to the NTP server.

You can configure two NTP servers. The clients will choose the optimal

reference source.

IMPORTANT:

The IP address of an NTP server is a unicast address, and cannot be a

broadcast or a multicast address, or the IP address of the local clock

source.

NTP Server

2/Reference

Key ID.

Date and time configuration example

In this example, Device A is the SecPath firewall.