
Needing to verify all devices pulling NTP from the firewall.

I'm migrating a customer over to the XG firewall and they're not sure what devices are statically assigned the UTM as their NTP server.

I know I can do tcpdump dst port 123, but that will show all traffic for NTP (not just NTP traffic straight to the firewall).

I've tried tcpdump host 10.110.10.1 port ntp, but I get invalid syntax.
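An added example, not part of the original thread: tcpdump filter primitives have to be joined with `and`, and `dst host` limits the capture to packets addressed to the firewall itself. The function names, the `any` interface and the sample capture lines are assumptions constructed for illustration; 10.110.10.1 is the address from the post.

```shell
#!/bin/sh
# Added example: list the clients that send NTP requests to the firewall itself.
FW_IP="${FW_IP:-10.110.10.1}"   # UTM address taken from the post

# Build the capture filter. "host A port B" is a syntax error in pcap
# filter language; primitives must be combined with "and".
ntp_filter() {
    printf 'udp and dst host %s and dst port 123' "$1"
}

# Read `tcpdump -n` text output on stdin and print "count client_ip"
# for every source that sent a packet to <firewall>:123.
ntp_clients() {
    awk -v fw="$1" '
    {
        for (i = 2; i < NF; i++) if ($i == ">") {
            src = $(i - 1); dst = $(i + 1)
            sub(/:$/, "", dst)                # tcpdump ends the dst with ":"
            if (dst != (fw ".123")) next      # not addressed to the firewall
            sub(/\.[0-9]+$/, "", src)         # drop the source port
            seen[src]++
            next
        }
    }
    END { for (ip in seen) print seen[ip], ip }' | sort -k2,2
}

# Constructed sample lines in tcpdump -n format (not a real capture).
sample_capture() {
    cat <<'EOF'
12:00:01.000001 IP 10.110.10.23.123 > 10.110.10.1.123: NTPv4, Client, length 48
12:00:01.000350 IP 10.110.10.1.123 > 10.110.10.23.123: NTPv4, Server, length 48
12:00:05.104220 IP 10.110.10.40.51544 > 10.110.10.1.123: NTPv3, Client, length 48
12:00:09.220100 IP 10.110.10.77.123 > 192.0.2.10.123: NTPv4, Client, length 48
12:01:05.000912 eth0  In  IP 10.110.10.23.123 > 10.110.10.1.123: NTPv4, Client, length 48
EOF
}

# Offline demonstration on the constructed lines.
sample_capture | ntp_clients "$FW_IP"

# Live use as root on the firewall (stops after 500 matching packets):
#   tcpdump -ni any -c 500 "$(ntp_filter "$FW_IP")" | ntp_clients "$FW_IP"
```

NTP clients can poll as rarely as every 1024 seconds or more, so a live capture should run long enough to catch slow pollers.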



This thread was automatically locked due to age.
  • Make a logging firewall rule to allow traffic to the UTM's NTP service.

    Somewhat related, I just have a DNAT rule forcing any NTP traffic to the UTM.

    Btw, last I checked XG did not have an NTP server.  Did that change recently?

  • Good thinking.  I'll give that a shot.

    Nope, XG still doesn't have that functionality yet.  I'm just wanting to know ahead of time which devices he'll need to reconfigure for their time source.  I really wish this would've been implemented in 17.5.

  • I would think all networked devices use NTP to update time unless explicitly set to manual. I have an old ASUS rt-something router used as a semi-smart (VLAN) switch only.  Time not really important, but it still polls an NTP server.  I would just use a DNAT rule similar to above to force any port 123 traffic to whatever NTP server you're running.
