Cisco Wireless Controller Configuration Guide, Release 8.8

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Contents

Find Matches in This Book

Results

Updated:: August 17, 2018

Chapter: Network Time Protocol Setup

Network Time Protocol Setup
Authentication for the Controller and NTP/SNTP Server
- Guidelines and Restrictions on NTP
Configuring the NTP/SNTP Server to Obtain the Date and Time (GUI)
Configuring the NTP/SNTP Server to Obtain the Date and Time (CLI)
Configuring NTPv4 Keys for Authentication (GUI)

Network Time Protocol Setup

Authentication for the Controller and NTP/SNTP Server

We highly recommend that controllers synchronize their time with an external NTP/SNTP server. We also recommend that you authenticate this connection to the NTP/SNTP server, as a best practice. By default, an MD5 checksum is used in this scenario.

Each NTP/SNTP server IP address is added to the controller database. The respective controller then attempts to poll an NTP/SNTP server from this database in the index order. The controller then obtains and synchronizes the current time at each user-defined polling interval, as well as following a reboot event. By default, the NTP polling interval is 600 seconds.

Guidelines and Restrictions on NTP

When the time difference between the NTP server and the controller exceeds 1000s, the ntpd process exits and adds a panic message to the system log. In this situation, set the time on the controller manually.
As a part of the federal certification requirements, controller supports NTPv4 protocol which is a standard Open Source Code.
Controllers support both the versions—NTPv3 and NTPv4 versions. However you can use either one of the two versions and not both at the same time.
NTPv4 supports both IPv4 and IPv6 servers, and supports SHA1 authentication for NTP messages.

Configuring the NTP/SNTP Server to Obtain the Date and Time (GUI)

Procedure

Step 1	Choose Controller > NTP > Server to open the NTP Severs page.
Step 2	From the NTP Version drop-down list, choose 4.
Step 3	Click Apply.
Step 4	Click New to add a new NTP/SNTP Server.
Step 5	(Optional) In the Server Index (Priority) field, enter the NTP/SNTP server index. The controller tries Index 1 first, then Index 2 through 3, in a descending order. Set this to 1 if your network is using only one NTP/SNTP server.
Step 6	Enter the server IP address. You can enter an IPv4 or an IPv6 address or a fully qualified domain name (FQDN), which should meet the following criteria: Contains only a-z , A-Z, and 0-9 characters. Does not start with a dot (.) or a hyphen (-). Does not end with a dot (.). Does not have 2 consecutive dots (..).
Step 7	Enable or disable the NTP/SNTP Authentication.
Step 8	If you enable the NTP/SNTP Authentication, enter the Key Index.
Step 9	Click Apply.
Step 10	Delete an existing NTP server IP address or DNS server by hovering the cursor over the blue drop-down arrow for that server index and choose Remove.
Step 11	Confirm the deletion by clicking on OK in the dialog box.

Configuring the NTP/SNTP Server to Obtain the Date and Time (CLI)

Use these commands to configure an NTP/SNTP server to obtain the date and time:

Procedure

To specify the NTP/SNTP server for the controller, enter this command:

config time ntp server index ip-address
(Optional) To specify the polling interval (in seconds), enter this command:

config time ntp interval
To enable or disable NTP/SNTP server authentication, enter these commands:
- config time ntp auth enable server-index key-index —Enables NTP/SNTP authentication on a given NTP/SNTP server.
- config time ntp key-auth add key-index md5 {ascii | hex} key—Adds an authentication key. By default MD5 is used. The key format can be ASCII or hexadecimal.
- config time ntp key-auth delete key-index —Deletes authentication keys.
- config time ntp auth disable server-index —Disables NTP/SNTP authentication.
- show ntp-keys —Displays the NTP/SNTP authentication related parameter.
To delete an NTP server IP address or DNS server from the controller, enter this command:

config time ntp delete NTP_server index

Configure the NTP version by entering this command:

config time ntp version version

Note

When the NTP version changes, the configured servers are deleted.

Configuring the NTP polling interval when using NTP version 4 by entering this command:

config time ntp pollinterval maxpoll minpoll server-index

Configuring NTPv4 Keys for Authentication (GUI)

Procedure

Step 1	Choose Controller > NTP > Keys to open the NTP Key page.
Step 2	Click New to add a new NTP key.
Step 3	Enter the Key Index number in the Key Index field.
Step 4	From the Checksum drop-down list, choose SHA1.
Step 5	From the Key Format drop-down list, choose ASCII.
Step 6	Enter the Key in the Key field.
Step 7	Click Apply.

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)