Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Cisco Router and NTP

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Firewall] >> SecureNAT Client >> Cisco Router and NTP Page: [1]
Login
Message << Older Topic   Newer Topic >>
Cisco Router and NTP - 14.Jan.2003 4:56:00 PM   
thewomble

 

Posts: 13
Joined: 14.Jan.2002
From: Salford, England
Status: offline 		Have configured our ISA for NTP outbound (port 123) both TCP and UDP any client.

Our domain controllers sync with our NTP master server on the DMZ, that works fine.

Getting our internal Cisco Routers to sync with an NTP server is proving to be difficult. Cisco router are Stratrum level 2 and need to sync with Strateum Level 1, most time server on the internet are stratum level 1. The cisco sees the Microsoft server has stratum 3 therefore will not sync.

Getting to Cisco to sync on the otherside of the firewall is a breeze.

Anybody got Cisco equipment on the inside of the network and tried to sync with an NTP server on the internet via an ISA server?

Any comments Welcome.
Post #: 1
RE: Cisco Router and NTP - 20.Jan.2003 1:57:00 PM   
thewomble

 

Posts: 13
Joined: 14.Jan.2002
From: Salford, England
Status: offline 		Come on chaps, has any one got cisco equipment syncing with time server on the internet behind an ISA server?

If so let me know if its working, at least its a configuration issue and can be done.

(in reply to thewomble)
Post #: 2
RE: Cisco Router and NTP - 20.Jan.2003 4:22:00 PM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Worm,

How about syncing it with the ISA Server? Then configure the packet filters to support NTP on the ISA Server?

http://support.microsoft.com/default.aspx?scid=kb%3ben-us%3b323621

HTH,
Tom

(in reply to thewomble)
Post #: 3
RE: Cisco Router and NTP - 3.Feb.2003 5:19:00 PM   
thewomble

 

Posts: 13
Joined: 14.Jan.2002
From: Salford, England
Status: offline 		Tom,

Our internal ADs and any microsoft client is quite happy to sync the ISA server, ISA sync with time server on the internet, but not cisco equipment, from what I know of the cisco it sees Microsoft kit as a lower Stratum level then it self, therefore it will not sync with it. The equipment needs to sync with our cisco external router or with a time server on the internet. This works thru a Checkpoint FW1 but not Microsoft ISA server.

(in reply to thewomble)
Post #: 4
RE: Cisco Router and NTP - 4.Feb.2003 4:33:00 PM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Worm,

How errors do you see in your NTP protocol rules? What to the packet filter and firewall logs say?

Thanks!
Tom

(in reply to thewomble)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Firewall] >> SecureNAT Client >> Cisco Router and NTP Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts