6.6.4 Packet Tracer – Configure and Verify NTP Answers

6.6.4 Packet Tracer – Configure and Verify NTP Answers

Addressing Table

Device Interface IP Address Subnet Mask
R1 G0/0/0
R2 G0/0/0


In this activity, you will configure NTP on R1 and R2 to allow time synchronization.

Background / Scenario

Network Time Protocol (NTP) synchronizes the time of day among a set of distributed time servers and clients. While there are a number of applications that require synchronized time, this lab will focus on correlating events that are listed in the system log and other time-specific events from multiple network devices. NTP uses the User Datagram Protocol (UDP) as its transport protocol. All NTP communications use Coordinated Universal Time (UTC).

An NTP server usually receives its time from an authoritative time source, such as an atomic clock attached to a time server. The NTP server then distributes this time across the network. NTP is extremely efficient. No more than one packet per minute is necessary to synchronize two devices to within a millisecond of each other.

It is very important to network security monitoring that these timestamps be accurate and consistent. If a hacker is able to disrupt or distort the time information provided by NTP, it can greatly impact detection and remediation of network security breaches.

NTP authentication can protect the network from NTP attack by verifying the time source. NTP uses MD5 encoded keys to verify the timestamps from the trusted time sources.


Part 1: NTP Server

a. Server N1 is already configured as the NTP Server for this topology. Verify its configuration under Services > NTP. Verify that key 1 and password NTPpa55 are configured for authentication.

b. From R1, ping N1 ( to verify connectivity. The ping should be successful.

c. Repeat the ping to N1 from R2 to verify connectivity to N1.

Part 2: Configure the NTP Clients

Cisco devices can be configured to refer to an NTP server to use to synchronize their clocks. It is important to keep time consistent among all devices. Configure R1 and R2 as NTP clients so their clocks are synchronized. Both R1 and R2 will use N1 server as their NTP server.

a. Check the current NTP and clock settings as shown below. Verify the settings for R2.

R1# show ntp status
%NTP is not enabled.
R1# show clock detail
*0:1:53.745 UTC Mon Mar 1 1993
Time source is hardware calendar

b. Configure R1 and R2 as NTP Clients. Use the ntp server command to specify an NTP server, as shown below:

R1# conf t
R1(config)# ntp server

c. Configure NTP authentication on R1 and R2 using key 1 and password NTPpa55.

R1(config)# ntp authenticate
R1(config)# ntp trusted-key 1
R1(config)# ntp authentication-key 1 md5 NTPpa55

d. Repeat this configuration on R2.

Part 3: Verify NTP settings

a. Check the clocks on R1 and R2 again to verify that they are synchronized:

R1# show clock detail
12:7:18.451 UTC Wed Feb 3 2021
Time source is NTP

Note: When working on physical routers, allow a few minutes before R1 and R2 clocks are synchronized. With Packet Tracer, you can use the Fast Forward Time button to speed up synchronization.

Execute the same command on R2.


Are the clocks synchronized?

b. Check the NTP status and NTP associations by using the following commands to verify NTP operation and configuration.

R1# show ntp status
Clock is synchronized, stratum 2, reference is
<Output omitted>
R1# show ntp associations
address         ref clock      st   when   poll   reach   delay    offset    disp
*~   1     13     64     377     1.00     -9.00    0.48
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

Download 6.6.4 Packet Tracer – Configure and Verify NTP PDF & PKA files:

Related Articles

Inline Feedbacks
View all comments