Cisco Catalyst 1200-8T-D Smart Switch - Default Enabled Services and SNTP Configuration
I’ve been meaning to find a replacement for a layer 2 switch I have and stumbled upon the Cisco Catalyst 1200-8T-D Smart Switch on Amazon. There are a few videos reviewing older models but not much out there on the 1200 series. Since it was fairly inexpensive, I decided to give it a try. If it meets my needs, I may purchase additional and beefier models to replace other aging devices in my environment. This post will be the first in a series of posts on this switch type.
Initial Impressions
All in all, it’s a nice, quiet, and simple switch that gets the job done. It supports both a CLI and a web GUI for configuration. However, it should be noted that the CLI is a simplified version of traditional IOS. Some familiar commands and configurations are missing, so if you’re familiar with IOS you’ll have to stumble your way through some new commands.
Services Overview and SNTP Configuration
One of the first things I noticed was the number of services enabled on this switch by default. I manually turned off several unnecessary services like PNP, Bonjour, and HTTP. You can disable these either through the CLI using the usual “no” command or via the web GUI.
Some of the services are watered down too. For example, the switch uses SNTP instead of NTP. In my experience, SNTP typically means less accurate and less frequent time synchronizations. Configuration is nearly identical to the full version of IOS and looked like this for me:
sntp authentication-key 123 md5 12345678
sntp trusted-key 123
sntp authenticate
sntp server 192.168.123.123 poll key 123
A few frustrating notes on the SNTP service
Here are a few frustrating things I ran into when configuring SNTP on this switch.
1. The switch comes with some “hidden” enabled SNTP servers. I noticed this as soon as I got my switch up and running: my firewall was hit with block logs for various time queries. You can disable these in either the web GUI or CLI. Here’s what my switch was set to poll and how I disabled them:
no sntp server time-a.timefreq.bldrdoc.gov
no sntp server time-b.timefreq.bldrdoc.gov
no sntp server time-c.timefreq.bldrdoc.gov
no sntp server time-pnp.cisco.com
2. SNTP keys must be between 1 and 8 characters long. Attempts to use a longer value will fail. This limitation meant I had to create new, shorter keys to integrate the switch into my environment.
3. I could only get FQDNs working via the web GUI, not via CLI. Even when I was in the web GUI I was unable to get FQDNs working with keys. The GUI has a “By IP address” and “By name” option… I’m not sure if there is some bug related to “By name” when you try using the CLI or when using keys.
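The points above (default servers left enabled, servers polled without a key, the 1-8 character key limit) can be checked offline against a saved copy of the configuration. The script below is an added example, not from the original post or from Cisco; it assumes the saved configuration contains the SNTP lines in the same form as the commands shown above, and the names audit_sntp, allowed_servers and SAMPLE_CONFIG are hypothetical.

```python
import re

# Constructed sample: the post's four SNTP lines plus one default server
# left enabled. Line format is assumed to match the commands in the post.
SAMPLE_CONFIG = """\
sntp authentication-key 123 md5 12345678
sntp trusted-key 123
sntp authenticate
sntp server 192.168.123.123 poll key 123
sntp server time-pnp.cisco.com poll
"""

MAX_KEY_LEN = 8  # key length limit reported in the post

def audit_sntp(config, allowed_servers):
    """Return a sorted list of findings for the SNTP lines in `config`."""
    keys, trusted, servers, authenticate = {}, set(), [], False
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.fullmatch(r"sntp authentication-key (\d+) md5 (\S+)", line):
            keys[m.group(1)] = m.group(2)
        elif m := re.fullmatch(r"sntp trusted-key (\d+)", line):
            trusted.add(m.group(1))
        elif line == "sntp authenticate":
            authenticate = True
        elif m := re.fullmatch(r"sntp server (\S+)((?: \S+)*)", line):
            opts = m.group(2).split()  # e.g. ["poll", "key", "123"]
            key_id = opts[opts.index("key") + 1] if "key" in opts[:-1] else None
            servers.append((m.group(1), key_id))

    findings = []
    if servers and not authenticate:
        findings.append("'sntp authenticate' is not set")
    for key_id, value in keys.items():
        if not 1 <= len(value) <= MAX_KEY_LEN:
            findings.append(f"key {key_id}: length {len(value)} outside 1-{MAX_KEY_LEN}")
    for host, key_id in servers:
        if host not in allowed_servers:
            findings.append(f"{host}: not an approved server")
        elif key_id is None:
            findings.append(f"{host}: polled without a key")
        elif key_id not in keys or key_id not in trusted:
            findings.append(f"{host}: key {key_id} not defined and trusted")
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_sntp(SAMPLE_CONFIG, {"192.168.123.123"}):
        print(finding)
```

Lines beginning with "no sntp server" are ignored by the parser, so a configuration where the default servers were removed produces no finding for them.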
Helpful SNTP Commands
Once you have SNTP up and running, there are a few commands that are helpful:
1. show sntp configuration: Just like you might think, this command will list out what you have configured for SNTP. Here is a snippet using the example configurations I provided above:
2. show sntp status: Similar to the “show ntp associations” command in IOS, this provides a snapshot of your clock status and information about your chosen SNTP server:
Final Thoughts
While working with SNTP on this switch was a bit frustrating, I’m happy to have new hardware and a new type of interface to gain experience with. The Cisco Catalyst 1200-8T-D has replaced my end-of-life device and is now fully integrated into my environment. In future posts about this switch, I plan to cover topics like the switch’s security settings, backups, etc.
Thanks for reading!