By default, NTP is a clear text, unauthenticated protocol. However, it can be configured to authenticate time sources. NTP authentication is an upstream protocol only - authenticated clients have assurance that they are receiving correct time, that the ntp packets have not been tampered with. Rationale: Configuring authentication ensures that if the server key does not match the key configured on the NTP client, that the client will drop any NTP replies from that server. If multiple keys are configured,
Solution
switch(config)# ntp authenticate switch(config)# ntp authentication-key 42 md5 my-ntp-key switch(config)# ntp trusted-key 42 switch(config)# ntp server 132.246.11.231 use-vrf management key 42 Default Value: By default NTP is not configured. If NTP is configured, by default it is unauthenticated.