7-4
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
OL-10101-02
Chapter 7 Administering the Switch
Managing the System Time and Date
• Configuring NTP Broadcast Service, page 7-6
• Configuring NTP Access Restrictions, page 7-8
• Configuring the Source IP Address for NTP Packets, page 7-10
• Displaying the NTP Configuration, page 7-10
Default NTP Configuration
Table 7-1 shows the default NTP configuration.
NTP is enabled on all interfaces by default. All interfaces receive NTP packets.
Configuring NTP Authentication
This procedure must be coordinated with the administrator of the NTP server; the information you
configure in this procedure must be matched by the servers used by the switch to synchronize its time to
the NTP server.
Beginning in privileged EXEC mode, follow these steps to authenticate the associations (communications
between devices running NTP that provide for accurate timekeeping) with other devices for security
purposes:
Ta b l e 7-1 Default NTP Configuration
Feature Default Setting
NTP authentication Disabled. No authentication key is specified.
NTP peer or server associations None configured.
NTP broadcast service Disabled; no interface sends or receives NTP broadcast packets.
NTP access restrictions No access control is specified.
NTP packet source IP address The source address is determined by the outgoing interface.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
ntp authenticate Enable the NTP authentication feature, which is disabled by
default.
Step 3
ntp authentication-key number md5 value Define the authentication keys. By default, none are defined.
• For number, specify a key number. The range is 1 to
4294967295.
• md5 specifies that message authentication support is provided
by using the message digest algorithm 5 (MD5).
• For value, enter an arbitrary string of up to eight characters for
the key.
The switch does not synchronize to a device unless both have one
of these authentication keys, and the key number is specified by the
ntp trusted-key key-number command.