Cisco ASA5510 wrong time

Answered Question
Jun 17th, 2010

Through ASDM i checked the time of our firewall it shows may2003.  I want to fix this but i am afraid if i did this asa5510 setting may go away or something else will happen.  Does the time matter on firewall and should i change it?

I have this problem too.
0 votes
Correct Answer by Federico Coto F... about 6 years 7 months ago

Hi,

It is a good idea to have the correct time.

If you're using digital certificates or time-based ACLs or any feature based on time, it is required that the time is set up correctly.

Also very helpful for logging and troubleshooting.

However, it is not mandatory to have the ASA with the right time to have it operational.

Federico.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Federico Coto F... Thu, 06/17/2010 - 06:49

Hi,

It is a good idea to have the correct time.

If you're using digital certificates or time-based ACLs or any feature based on time, it is required that the time is set up correctly.

Also very helpful for logging and troubleshooting.

However, it is not mandatory to have the ASA with the right time to have it operational.

Federico.

GrumpyBear Thu, 06/17/2010 - 08:32

Yes - dear god change the time or even better find a NTP source to synchronize to.  If you ever have to produce your logs in a investigation and your timestamps are out your case (and perhaps your job) will die in the starting gates.  Having said that if your log server has the correct time and it stamps the entries, then the device being unsynchronised is just, well, embarassing but not neccesarily carrer limiting.

Digital certificates will also not behave (or some methods of authentication) if the time is not accurate.

lawsuites Thu, 06/17/2010 - 08:48

Thanks Federico and GrumpyBear(like the name), before i do this, i would like to know and want to make sure that non-of the setting and network will go down.  Right? becasue someone was telling me  that they chagned time on firewall and somehow all of their setting went away.


Federico Coto F... Thu, 06/17/2010 - 09:04

Nothing is going to fail, unless you have digital certificates that expire on a certain time, if the time was wrong and you change it, perhaps the certificates couuld fail.

There are a few time-dependent applications...

If this is not the case, you can change the time with no problems.

Federico.

Actions

This Discussion