|
Written by Alexei Spirin
|
|
Tuesday, 12 February 2008 22:28 |
|
this config is an example for a NTP secure configuration article
interface FastEthernet0/0
description Broadcast distribution
ip address 192.168.100.1 255.255.255.0
ntp broadcast key 1
interface Serial0/0
ip address 192.168.13.1 255.255.255.252
!
access-list 2 permit 127.127.7.1 !Router itself (Not sure)
access-list 2 permit 192.168.100.10 !Broadcast client
access-list 2 permit 192.168.13.10 !Unicast client
!
ntp authentication-key 1 md5 cisco
ntp authenticate
ntp trusted-key 1
ntp access-group serve-only 2
ntp master 2
|
interface Serial0/0
ip address 192.168.13.10 255.255.255.0
!
access-list 2 permit 192.168.13.1
access-list 2 deny any log
!
ntp authentication-key 1 md5 cisco
ntp authenticate
ntp trusted-key 1
ntp access-group peer 2
ntp server 192.168.13.1 key 1
|
interface FastEthernet0/0
ip address 192.168.100.10 255.255.255.0
ntp broadcast client
!
access-list 2 permit 192.168.100.1
access-list 2 deny any log
!
ntp authentication-key 1 md5 cisco
ntp authenticate
ntp trusted-key 1
ntp access-group peer 2
|
Links:
Best Practices White Paper
NTP command reference
|
|
Last Updated on Saturday, 25 October 2008 10:09 |
