Hi everybody,
Pease consider the following set up:
SRX ( NTP Client)--20.20.20.10--------200.20.20.200 -NTP SERVER
1)Above SRX is configured with MD5 key for NTP to ensure SRX will only synch time with authorised NTP server i.e NTP server has to prove to NTP Client ( SRX) that it is legitimate NTP server.
2) Cisco router is acting as NTP stratum one server above.
SRX CONFIG:
SRX has synched its clock with NTP source , though NTP server is not configured with any autehentication key
NTP SERVER config:
NTP SERVER#show running-config | begin ntp
ntp master 1
###############
Capture taken on SRX shows SRX ( NTP Client) does send MD5 hash with key number 1:
SRX Version:
####################################################################
Question:
1) As we can see above SRX has synched time with NTP server( which does not have any NTP authentiction configured), though SRX is confgured for NTP authenticaion. Is it a bug?
2) Even when NTP server is configured with mismatched MD5 key, SRX ( NTP client) is still able to synced time:
NTP SERVER (config)#ntp authentication-key 1 md5 KOO
Thanks and have a good weekend!!