cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6095
Views
4
Helpful
15
Replies

ACS 5.2 - Clock Skew Error

ciscokid7181
Level 1
Level 1

    Dear Folks,

          I have  6500 VSS Core Switch configured as NTP Server .I have installed ACS 5.2 vmware and sucessfuly integrated with the AD . I have noticed in some case, i lose connectivity between ACS and AD and when i say test connection , it shows clock skew error . Reboot of ACS sometimes solves the issue, else it comes up automatically after some hours . In core switch , i have configured time as PST +4 and in ACS it is configured as PST +4 , which automatically goes to GST .

Could you please tell me , why i get this error ' Clock Skew Error' ?

Regards,

Siddarth

15 Replies 15

Tarik Admani
VIP Alumni
VIP Alumni

When you issue a "show ntp" what does the offset and jitter show? Maybe there are some issues with the ntp source but give that a check first.

Tarik Admani
*Please rate helpful posts*

Hi ,

Thanks for the reply. When i see show ntp in ACS  , it gives offset -14.434 and jitter 2.971 .

What does this mean ?

Regards,

SID

Can you post the output:

"When repeatedly reading the time, the difference may vary almost randomly.  The difference of these differences (second derivation) is called jitter."

Offset is a value that is calculated between the local time and the referenced time.

Basically they are used in order to track the quality of the ntp source.

Thanks,

Tarik Admani
*Please rate helpful posts*

I did reload on the ACS , thinking it may work, but it still shows disconnected , with error showing as clock skew

Attached below is output of NTP

sh ntp

Primary NTP   : 10.10.1.1

synchronised to NTP server (10.10.1.1) at stratum 2

   time correct to within 20 ms

   polling server every 64 s

     remote           refid      st t when poll reach   delay   offset  jitter

==============================================================================

127.127.1.0     LOCAL(0)        10 l   52   64  377    0.000    0.000   0.001

*10.10.1.1       .LOCL.           1 u   51   64  377    0.001    6.769   9.799

Warning: Output results may conflict during periods of changing synchronization.

Regards,

SID

Can you post the output of 'show timezones'? Along with 'show clock'?

Also when you enter the timezone how are you entering the command? What timezone are you currently in and do you observer DST?

Thanks,

Tarik Admani
*Please rate helpful posts*

Hi,

Please find the commands below . i was in timezone PST+4 (GST) , then later changed to Etc/GMT+4 . DST was not considered. and the command line entered was as follows

clock set month time year .

sh ntp

Primary NTP   : 10.10.1.1

synchronised to NTP server (10.10.1.1) at stratum 2

   time correct to within 20 ms

   polling server every 256 s

     remote           refid      st t when poll reach   delay   offset  jitter

==============================================================================

127.127.1.0     LOCAL(0)        10 l   50   64  377    0.000    0.000   0.001

*10.10.1.1       .LOCL.           1 u  192  256  377    0.001   -2.576   4.449

Warning: Output results may conflict during periods of changing synchronization.

XXX-ACS/admin# sh time

timezone   timezones 

XXX-ACS/admin# sh timezone

Etc/GMT+4

XXX-ACS/admin# sh clock

Wed Aug 15 14:28:08 GMT+4 2012

Hi,

What is the correct time in the location that you are at? The current time that you posted below looks like it is in the eastern time zone here in the US.

Thanks,

Tarik Admani
*Please rate helpful posts*

Hi ,

Its in dubai . I tried using Asia/Dubai . Any suggestions please.

Regards,

SID

Try running the command:

clock timezone Asia/Dubai

This should force you to restart the services, then after you enter this command type in write memory.

Also what patch level are you on?

thanks,

Tarik Admani
*Please rate helpful posts*

Hi,

Thanks for the response so far .

I have did the command as you have mentioned. By the way related with the patch , how can i check that ?

Regards

SID

Show version will get this information.

Can you try to remove the ntp configuration, restart the services, enter the timezone and then the ntp configuration?

Thanks,

Tarik Admani
*Please rate helpful posts*

Hi Tarik ,

Below is the version and build of ACS

Cisco ACS VERSION INFORMATION

-----------------------------

Version : 5.2.0.26

Internal Build ID : B.3075

By the way, is there no command for NTP . I tried to do that, it seems its not in the CLI. so i re-entered NTP Server command, with timezone  and I have restarted .

Still the same error ( clock skew) and disconnected .

Regards,

SID

I just executed the 'no ntp server 1.1.1.1' and it allowed me to execute it. I am on version 5.3 patch 4, if this is not letting you run this command please install the latest patch on your appliance and see if that fixes your issue.

Thanks,

Tarik Admani
*Please rate helpful posts*

Hi Tarik,

I am in downloads site and i found out that there were 10 patches. should i install as increment from 1 to 10 ...or i can install 10, which contains all the other versions .

Second thing , you have mentioned you were using 5.3 patch 4, so is it possible i can upgrade directly from 5.2 to 5.3

Regards,

SID

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: