mikey250
 asked on

asa5505 how to ntp sync external md5 clock

hi this is the website I have been looking at:  

- http://support.ntp.org/bin/view/Servers/WebHome

i was advised but given as an example the following address: 195.222.33.219 in order to sync via my asa5505 which is now successful but now I wish to configure for authentication as below:

- I've configured the following via my asa5505 asdm ver 7.1 and I've currently added the following but it shows that ntp has changed from synchronized to now unsynchronized.

- 195.222.33.219
- interface: outside
- preferred - yes
- key: no 1
- key value: 23 for example
- trusted key: yes

asa config shows:

ntp authentication-key 1 md5
ntp authenticate
ntp trusted-key 1
ntp server 195.222.33.219 key 1 source outside prefer

my asa now shows: "outside: authentication failed for packet from 195.222.33.219"

question 1.  how do I resolve my issue  ?
Last Comment
mikey250

8/22/2022 - Mon
SOLUTION
Predrag Jovic

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
mikey250

ASKER
hi that authentication config was only on my asa..!! It was random to see if the authentication would pass or fail.
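
Added example (not part of the thread and not Cisco's code): a Python sketch of NTP symmetric-key verification, where the MAC is a 4-byte key ID followed by MD5(key || header), showing why replies from a server that does not share key 1 fail authentication on the client. The key values and the sample header are constructed for illustration.

```python
import hashlib
import hmac
import struct

HEADER_LEN = 48  # fixed NTP header length in bytes
DIGEST_LEN = 16  # MD5 output length in bytes


def add_mac(header: bytes, key_id: int, key: bytes) -> bytes:
    """Server side: append the key ID and MD5(key || header) to the header."""
    return header + struct.pack("!I", key_id) + hashlib.md5(key + header).digest()


def check_packet(packet: bytes, trusted_keys: dict) -> str:
    """Client side: decide whether a reply passes symmetric-key authentication."""
    if len(packet) == HEADER_LEN:
        return "rejected: no MAC"            # server does not authenticate at all
    if len(packet) == HEADER_LEN + 4:
        return "rejected: crypto-NAK"        # key ID word only, no digest
    if len(packet) != HEADER_LEN + 4 + DIGEST_LEN:
        return "rejected: malformed"
    header, mac = packet[:HEADER_LEN], packet[HEADER_LEN:]
    (key_id,) = struct.unpack("!I", mac[:4])
    key = trusted_keys.get(key_id)
    if key is None:
        return "rejected: key ID not trusted"
    expected = hashlib.md5(key + header).digest()
    if not hmac.compare_digest(expected, mac[4:]):
        return "rejected: digest mismatch"   # same key ID, different secret
    return "accepted"


# Constructed sample: 0x1C = LI 0, version 3, mode 4 (server); stratum 2; rest zeroed.
SAMPLE_HEADER = bytes([0x1C, 2]) + bytes(46)
CLIENT_KEYS = {1: b"example-shared-secret"}  # constructed stand-in for trusted key 1


def demo() -> dict:
    """Replies a client configured with key 1 can receive, and the verdict for each."""
    secret = CLIENT_KEYS[1]
    return {
        "no auth on server": check_packet(SAMPLE_HEADER, CLIENT_KEYS),
        "other secret": check_packet(add_mac(SAMPLE_HEADER, 1, b"different"), CLIENT_KEYS),
        "other key ID": check_packet(add_mac(SAMPLE_HEADER, 7, secret), CLIENT_KEYS),
        "shared key 1": check_packet(add_mac(SAMPLE_HEADER, 1, secret), CLIENT_KEYS),
    }


if __name__ == "__main__":
    print("\n".join(f"{case}: {verdict}" for case, verdict in demo().items()))
```

Only the last case is accepted: the key ID and the secret must both be configured on the server as well as on the client.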
mikey250

ASKER
my asa currently has no other authentication configured..!
SOLUTION
Predrag Jovic

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
mikey250

ASKER
hi I was given by another expert the following external ntp:

-  europe.pool.ntp.org - 195.222.33.219 - so I used it to confirm I could ntp sync my asa..which is successful..

-  as i currently cannot ping 195.222.33.219 - even though i could before i cannot confirm if this belongs to europe.pool.ntp.org

question 1.  if the above is correct i am not sure how to go about locating the correct authentication details from the external ntp in order to repeat this on my asa ?
SOLUTION
Predrag Jovic

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
mikey250

ASKER
yes i understand that's why i was looking at the below url in order to find out how to go about registering for an external ntp & authentication details for me to use  ?

http://support.ntp.org/bin/view/Servers/NTPPoolServers

the external ntp 195.222.33.219 that i was given was only to allow me to test that i can get ntp sync via my asa....ok all good
mikey250

ASKER
I have never gone about getting an external ntp to use permanently as I assumed it is free if I use from the below site but thought I would have to register or something.

http://support.ntp.org/bin/view/Servers/NTPPoolServers
mikey250

ASKER
hi so i gather my understanding of how to get an external ntp config is incorrect..which would make sense i suppose ?
mikey250

ASKER
after reading further of the following:  http://support.ntp.org/bin/view/Servers/NTPPoolServers   - it appears that due to the frequent change of ntp servers that authentication is not currently used so I can ignore this part.

I assume therefore the following:

- isp - contact my isp for their time server details
or
- purchase my own time server

after reading also the below specific link i came up with the below:

- http://support.ntp.org/bin/view/Servers/NTPPoolServers

I created a file called (ntp.conf) and within that I have added:
NTP Pool Time Servers

pool.ntp.org uses DNS round robin to make a random selection from a pool of time servers who have volunteered to be in the pool. This is usually good enough for end-users. The minimal ntpd configuration file (e.g. /etc/ntpd.conf) for using pool.ntp.org is:

qns1.  how do i now use this for the below ntp list: driftfile /var/lib/ntp/ntp.drift  ?

- server 0.europe.pool.ntp.org
- server 1.europe.pool.ntp.org
- server 2.europe.pool.ntp.org
- server 3.europe.pool.ntp.org

ntp pool time servers:

pool.ntp.org uses dns round robin to make a random selection from a pool of time servers who have volunteered to be in the pool.  this is usually good enough for end-users.  the minimal ntpd configuration file (e.g. /etc/ntpd.conf) for using pool.ntp.org is:
driftfile /var/lib/ntp/ntp.drift


mikey250

ASKER
note:  I've obviously got to create or install some program for my ntp.conf to work, although not sure what 'ntp.drift' is  ...!!

if i was using a windows server then i could use the regedit or timeserver via the taskbar clock
ASKER CERTIFIED SOLUTION
Gary Patterson, CISSP

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
mikey250

ASKER
driftfile - Linux ok.

isp - I will find out if they will provide me with those details

if I wish to make my asa the master ive just changed the following:

ntp server 192.168.0.1 source inside prefer (this is just my internal interface for the lan)
ntp server 195.222.33.219 source inside

sh ntp associations - shows both as configured but the 195.222.33.219 shows * master.. why  ?
mikey250

ASKER
asa:  sh ntp status - still shows as synchronized
SOLUTION
Gary Patterson, CISSP

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
mikey250

ASKER
question 1. currently I'm not running a dc because there are environments that don't require a server so my point was how do i set an ntp master if my asa cannot be one & my isp does not use an external ntp ?
SOLUTION
Gary Patterson, CISSP

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
mikey250

ASKER
sound advice overall.
Gary Patterson, CISSP

One last note:  any Windows server can be used as your time server.  It doesn't have to be a domain controller.  In a Windows domain environment, however, Windows domain clients and domain servers will sync time with the domain controllers by default.
mikey250

ASKER
ok.