How to Configure NTP Authentication In Packet Tracer - Netizzan

How to Configure NTP Authentication In Packet Tracer

NTP is used to synchronize the clocks of devices in a network and ensure that they have a consistent and accurate time reference. However, without authentication, malicious actors could potentially manipulate or disrupt the time synchronization process, which can lead to security vulnerabilities.

NTP authentication enables secure communication between NTP servers and clients by requiring both parties to share a secret key. This helps verify the authenticity of the time information exchanged between devices.

In my last post, I showed you how to enable NTP service on a server and configure a router as an NTP client. Today, I will show you how to Configure NTP Authentication In Packet Tracer.

Network Topology

The network topology we will be making use of is shown in the image below. It is the same as the one we used in our post on how to configure an NTP server in a packet tracer. In this post, we will be configuring the NTP authentication on the network.

network topology composing of two routes, a layer 2 switch and an NTP server

How to Configure NTP Authentication In Packet Tracer

Here are steps to Configure NTP Authentication In Packet Tracer;

Step 1: Enable Authentication on the NTP server

To configure NTP authentication, we first need to enable authentication on the NTP server. Go to services>NTP on the NTP server

Enable authentication on NTP server

Then enter the authentication key and password you want to use for the authentication. I entered “1” as the key and “netizzan” as the password.

Step 2: Configure Authentication on the NTP clients

Router0

R0>enable
R0#configure terminal
R0(config)#ntp authentication-key 1 md5 netizzan 20
R0(config)#ntp trusted-key 1
R0(config)#ntp update?
update-calendar  
R0(config)#ntp update-calendar
R0(config)#ntp server 192.168.1.3 key 1
R0(config)#ntp authenticate

Router1

R1>enable
R1#configure terminal
R1(config)#ntp authentication-key 1 md5 netizzan 20
R1(config)#ntp trusted-key 1
R1(config)#ntp update-calendar
R1(config)#ntp server 192.168.1.3 key 1
R1(config)#ntp authenticate

Here is a quick explanation of what each of the commands does:

  1. Ntp authentication-key 1 md5 netizzan 20:
    • ntp authentication key 1: This command creates an NTP authentication key with the ID 1.
    • md5: specifies that the MD5 algorithm will be used for authentication.
    • netizzan: The string “netizzan” is the secret key that will be used for MD5 authentication.
    • 20: This is the key number used for authentication. It is a numeric value associated with the key.
  2. ntp trusted-key 1: This command designates the NTP authentication key with ID 1 as a trusted key. Trusted keys are used to authenticate NTP servers.
  3. ntp update-calendar: This command updates the system calendar using the NTP time. It ensures that the system clock is synchronized with the NTP server’s time.
  4. ntp server 192.168.1.3 key 1: ntp server 192.168.1.3 specifies the IP address of the NTP server that the client will synchronize with and Key 1 associates the NTP server with the authentication key ID 1. This means that the NTP server is expected to provide the correct authentication key when communicating with the client.
  5. ntp authenticate: This command globally enables NTP authentication on the client.
ALSO READ:  TCP Communication: How to Send TCP Traffic in Packet Tracer

Step 3: Verify the configuration

After the configuration, you can check whether NTP is working using the command “show ntp status.”

Router1

R1#show ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 249.9990 Hz, precision is 2**24
reference time is 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1990)
clock offset is 0.00 msec, root delay is 0.00  msec
root dispersion is 0.00 msec, peer dispersion is 0.00 msec.
loopfilter state is 'FSET' (Drift set from file), drift is - 0.000001193 s/s system poll interval is 4, never updated.
R1#show ntp status
Clock is synchronized, stratum 2, reference is 192.168.1.3
nominal freq is 250.0000 Hz, actual freq is 249.9990 Hz, precision is 2**24
reference time is E779D61A.0000036F (3:59:22.879 UTC Fri Feb 24 2023)
clock offset is 0.00 msec, root delay is 0.00  msec
root dispersion is 52.98 msec, peer dispersion is 0.36 msec.
loopfilter state is 'CTRL' (Normal Controlled Loop), drift is - 0.000001193 s/s system poll interval is 5, last update was 14 sec ago

Router0

R0#show ntp status
Clock is synchronized, stratum 2, reference is 192.168.1.3
nominal freq is 250.0000 Hz, actual freq is 249.9990 Hz, precision is 2**24
reference time is E779D6CF.0000002D (4:2:23.045 UTC Fri Feb 24 2023)
clock offset is 0.00 msec, root delay is 0.00  msec
root dispersion is 52.54 msec, peer dispersion is 0.48 msec.
loopfilter state is 'CTRL' (Normal Controlled Loop), drift is - 0.000001193 s/s system poll interval is 6, last update was 32 sec ago.

Note: Because authentication is configured, it takes a long time for the NTP client to synchronize their time with the NTP server.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top