HP VPN Firewall Appliances System Management and Maintenance Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

141

142

143

144

145

146

147

148

149

150

140

Total associations : 1

# NTP authentication is enabled on Firewall B, but not enabled on Firewall C, so Firewall B cannot

synchronize to Firewall C.

[FirewallB-GigabitEthernet0/1] display ntp-service status

Clock status: unsynchronized

Clock stratum: 16

Reference clock ID: none

Nominal frequency: 100.0000 Hz

Actual frequency: 100.0000 Hz

Clock precision: 2^18

Clock offset: 0.0000 ms

Root delay: 0.00 ms

Root dispersion: 0.00 ms

Peer dispersion: 0.00 ms

Reference time: 00:00:00.000 UTC Jan 1 1900(00000000.00000000)

# Enable NTP authentication on Firewall C. Configure an NTP authentication key, with the key ID

of 88 and key value of 123456. Specify the key as a trusted key.

[FirewallC] ntp-service authentication enable

[FirewallC] ntp-service authentication-keyid 88 authentication-mode md5 123456

[FirewallC] ntp-service reliable authentication-keyid 88

# Specify Firewall C as an NTP broadcast server, and associate the key 88 with Firewall C.

[FirewallC] interface gigabitethernet 0/1

[FirewallC-GigabitEthernet0/1] ntp-service broadcast-server authentication-keyid 88

# After NTP authentication is enabled on Firewall C, Firewall B can synchronize to Firewall C.

Display NTP service status information on Firewall B.

[FirewallB-GigabitEthernet0/1] display ntp-service status

Clock status: synchronized

Clock stratum: 4

Reference clock ID: 3.0.1.31

Nominal frequency: 64.0000 Hz

Actual frequency: 64.0000 Hz

Clock precision: 2^7

Clock offset: 0.0000 ms

Root delay: 31.00 ms

Root dispersion: 8.31 ms

Peer dispersion: 34.30 ms

Reference time: 16:01:51.713 UTC Sep 19 2005 (C6D95F6F.B6872B02)

The output shows that Firewall B has synchronized to Firewall C. The stratum level of Firewall B is

4, and that of Firewall C is 3

# Display NTP session information for Firewall B, which shows that an association has been set up

between Firewall B and Firewall C.

[FirewallB-GigabitEthernet0/1] display ntp-service sessions

source reference stra reach poll now offset delay disper

**************************************************************************

[1234] 3.0.1.31 127.127.1.0 3 254 64 62 -16.0 32.0 16.6

note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured

Total associations : 1