NTP Commands

ntp access-group

To control access to Network Time Protocol (NTP) services on the system, use the ntp access-group command in global configuration mode. To remove access control to the NTP services, use the no form of this command.

ntp access-group { peer | access-list-number }

no ntp access-group { peer | access-list-number }

Syntax Description


peer	Allows time requests and NTP control queries and permits the system to synchronize with the remote system.
`access-list-number`	Number (from 1 to 9199) of a standard IPv4 access list.

Command Default

By default, there is no access control. Full access is granted to all systems.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Release 17.2.1v	Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE, ntp access-group command.

The following example shows how to configure a system to allow itself to be synchronized by a peer:


Router(config)# ntp access-group peer 25

The following example shows how to remove all the configured NTP options and disable the NTP server:


Router(config)# no ntp

ntp authentication-key

To define an authentication key for Network Time Protocol (NTP), use the ntp authentication-key command in global configuration mode. To remove the authentication key for NTP, use the no form of this command.

ntp authentication-key number md5 key

no ntp authentication-key number

Syntax Description

number

Key number from 1 to 4294967295.

md5

Specifies the authentication key. Message authentication support is provided using the message digest 5 (MD5) algorithm. The key type md5 is the only key type supported.

key

Character string of up to 32 characters that is the value of the MD5 key.

Note

In auto secure mode, an error is displayed on the console and the authentication key is not configured if the character string length exceeds 32.

Command Default

No authentication key is defined for NTP.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Release 17.2.1v	Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE, ntp authentication-key command.

The following example shows how to configure the system to synchronize only to systems providing the authentication key in their NTP packets:


Router(config)# ntp authentication-key 65535 md5 test

The following example shows how to remove all the configured NTP options and disable the NTP server:


Router(config)# no ntp

ntp server

To configure a router to allow its software clock to be synchronized with the software clock of a Network Time Protocol (NTP) time server, use the ntp server command in global configuration mode. To disable this capability, use the no form of this command.

ntp server { ip-address } [ source interface-type ] [ key key-id ] [ prefer version version ]

no ntp server { ip-address }

Syntax Description

ip-address

IPv4 address of the NTP peer providing or being provided the software clock synchronization.

version

(Optional) Defines the NTP version number.

number

(Optional) NTP version number. The range is from 2 to 4.

Note

In Cisco IOS Release 12.2SX, the number range is from 1 to 4.

key

(Optional) Specifies the authentication key.

key-id

(Optional) Authentication key to use when sending packets to this NTP peer.

source

(Optional) Specifies that the source address must be taken from the specified interface.

interface-type

(Optional) Name of the interface from which to pick the IPv4 or IPv6 source address. For more information, use the question mark (?) online help function.

prefer

(Optional) Makes this NTP peer the preferred peer that provides the clock synchronization.

Command Default

No servers are configured by default. When a server is configured, the default NTP version number is 3, an authentication key is not used, and the source IPv4 is taken from the outgoing interface.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Release 17.2.1v	Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE, ntp server command.

The following example shows how to configure a router to allow its software clock to be synchronized with the software clock of an NTP server by using the device at the IPv4 address:


Router(config)# ntp server 10.0.1.1 source GigabitEthernet8 key 65535 prefer version 4

ntp source

To use a particular source address in Network Time Protocol (NTP) packets, use the ntp source command in global configuration mode. To remove the specified source address, use the no form of this command.

ntp source interface-type interface-number

no ntp source

Syntax Description


`interface-type`	Type of interface.
`interface-number`	Number of the interface.

Command Default

Source address is determined by the outgoing interface.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Release 17.2.1v	Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE, ntp source command.

The following example shows how to configure a router to use the IPv4 or IPv6 address of GigabitEthernet interface 8 as the source address of all outgoing NTP packets:


Router(config)# ntp source GigabitEthernet 8

The following example shows how to remove all the configured NTP options and disable the NTP server:


Router(config)# no ntp

ntp trusted-key

To authenticate the identity of a system to which Network Time Protocol (NTP) will synchronize, use the ntp trusted-key command in global configuration mode. To disable the authentication of the identity of the system, use the no form of this command.

ntp trusted-key key-number

no ntp trusted-key key-number

Syntax Description


`key-number`	Specifies the key number of the authentication key to be trusted. Valid values are from 1 to 65535.

Command Default

Authentication of the identity of the system is disabled.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Release 17.2.1v	Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE, ntp trusted-key command.

Configure the trusted key with the key number of the configured authentication-key to have a successful authentication.

The following example shows how to configure the system to synchronize only to systems providing authentication keys in their NTP packets:


Router(config)# ntp authentication-key 65535 md5 test
Router(config)# ntp trusted-key 65535

The following example shows how to remove all the configured NTP options and disable the NTP server:


Router(config)# no ntp

Cisco IOS XE Catalyst SD-WAN Qualified Command Reference

Bias-Free Language

Book Title

Cisco IOS XE Catalyst SD-WAN Qualified Command Reference

Chapter Title

NTP Commands

Results

Chapter: NTP Commands

NTP Commands

ntp access-group

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

ntp authentication-key

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

ntp server

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

ntp source

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

ntp trusted-key

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Was this Document Helpful?

Contact Cisco