I setup the remote accesss vpn using active directory ldap, kerbi for authen and authro. It is works well but i am facing frequebt tunnel disconnections.Syslog shows that the clock setting bet AD server and ASA 10 minites different. After set the ASA time back to the AD time tunnel comes up. It is now frequent and i do not want the manual setting everytime.
Re: ASA5520 CLOCK diviate from Microsoft AD server
As cisco24x7 mentioned, you can set ntp on your ASA to automagically update time. Read up in the config guide for this - in 8.0, the section is under "getting started..." / "configuring basic settings" / "setting the date and time" / "setting the date and time using an ntp server"
From my understanding, AD servers typically already sync time amongst themselves - you should confirm that with your AD admin(s). If they're not using NTP to get updated time from the Internet or radio source, try to figure out why :)
If there's no reason not to, have your AD environment and your ASA sync NTP from a few good sources. You can find some public sources from here: http://www.ntp.org
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...