Hello,
In UTM 9 i was able to point Sophos at a time source, and then internal clients could reference it for time. I don't see this option in XG, is this no longer possible?
Thanks!
This thread was automatically locked due to age.
Cd you please check attached configuration. I tried routing NTP traffic to public NTP server. It's not working. Could yo please help with this ?
All i need is to forward the NTP requests to a public NTP server.
Model: XG450 (SFOS 17.0.5 MR-5)
Rule Type:Business Application Rule
Hi,
why are you using a business rule, a simple network rule would be adequate.
Source (local lan), local network, destination wan, any, service ntp.
If you want to provide more security int he destination you can use the FQDN group for the NTP servers.
Do you have country blocking enabled? I have found that country blocking blocked my NTP access for country based NTP servers ag AU and US business and government servers.
Ian
XG115W - v20 GA - Home
XG on VM 8 - v20 GA
If a post solves your question please use the 'Verify Answer' button.
Finally I got it worked. I Forwarded NTP requests coming to Sophos Device to a public NTP server
Note:
** Do not use default Sophos NTP service, for some reason it was not working
** Create a custom NTP service with entry only for UDP 123
** Ensure to masquerade the DNAT rule
** Create new Business rule type DNAT
Hi,
as far as I can see you have done it in a very convoluted way. Also you appear to be allowing your XG to be an NTP relay by having WAN in the source zone.
You didn't need to add udp ntp service it is already in the XG.
Ian
XG115W - v20 GA - Home
XG on VM 8 - v20 GA
If a post solves your question please use the 'Verify Answer' button.
Is it me or you are allowing the whole universe, and more, to access an internal device 172.16.x1x.xxx via service NTP ??? NAT or not, seems to me your naked and vulnerable !!!
I too noticed NTP do not work sometime. And I too have created a custom NTP service.