Set the Date and Time Using an NTP Server

NTP is used to implement a hierarchical system of servers that provide a precisely synchronized time among network systems. This kind of accuracy is required for time-sensitive operations, such as validating CRLs, which include a precise time stamp. You can configure multiple NTP servers. The ASA chooses the server with the lowest stratum—a measure of how reliable the data is.

Time derived from an NTP server overrides any time set manually.

The ASA supports NTPv4.

Procedure


Step 1

In the edit ASA system settings page, click NTP in the left pane.

Step 2

Uncheck the Retain existing values checkbox to configure the values for the shared ASA system settings policy.

Important

If the Retain existing values check box is selected, you can't configure the values as the fields are hidden. Security Cloud Control uses the existing local values of the ASA device for this setting and doesn't inherit from the shared policy.

Step 3

Click to add NTP server details.

  • IP Version: Select the IP address version you want to use.

  • IP Address: Specify the NTP server's IP address.

    You cannot enter a hostname for the server; the ASA does not support DNS lookup for the NTP server.

  • Key Id: Enter a number between 1 and 4294967295.

    This setting specifies the key ID for this authentication key, which enables you to use authentication to communicate with the NTP server. The NTP server packets must also use this key ID.

  • Interface Name: Specify the interface name. Ensure the interface name specified here is the same on the ASA devices associated with this shared system settings policy.

    NTP uses an algorithm to determine which server is the most accurate and synchronizes to it. If servers are of similar accuracy, then the preferred server is used. However, if a server is significantly more accurate than the preferred one, the ASA uses the more accurate one.

  • Prefer: (optional) Check the Preferred check box to set this server as a preferred server.

Note

To remove an NTP server, you can click the delete icon under Actions.

Step 4

Click Save.