WESM zl Management and Configuration Guide WT.01.28 and greater
2-146
Configuring the ProCurve Wireless Edge Services zl Module
Enabling Secure Network Time Protocol (NTP)
You can control four types of access to NTP resources:
■ Full Access—The Wireless Edge Services zl Module accepts all messages from
devices permitted by the associated ACL and will synchronize with these
devices. This is typically the type of access that you would grant your NTP
neighbors.
■ Only Control Queries—The module accepts only control queries from devices
permitted by the ACL. NTP peers might exchange both time requests and control
queries, so you should usually grant NTP peers full access instead.
■ Server and Query Access—The module accepts both time requests and control
queries from devices permitted by the ACL but does not synchronize with these
devices.
■ Only Server Access—The module only accepts time requests from these devices.
Grant this type of access to authorized NTP clients—which might be any device
in the world or only devices in your LAN.
Table 2-9 summarizes these types of access control.
Table 2-9. Controlling NTP Access
To g rant no access of a particular type, leave the respective ACL ID at 0.
Field Queries That Permitted
Devices Can Send
Can the Module
Synchronize with
Permitted Devices?
Type of Devices for Which the
Access Control Is Used
Full Access Time requests and control
queries
Yes Trusted Secure NTP servers
Only Control Queries Control queries No Secure NTP servers (which might
be vulnerable to attack or less
accurate)
Server and Query Access Time requests and control
queries
No Secure NTP servers in a peer
relationship (which might be
vulnerable to attack or less
accurate)
Only Server Access Time queries No Any device on the Internet or any
device in your network