I'm configuring all of the cisco sensors I manage to update their time using a public NTP server.
I've hit two bumps.
On a few of the 4.x sensors I get the error "Error: Could not run ntpdate utility. Fatal Error has occurred. Node MUST be rebooted to enable alarming."
On all of the 5.x sensors, I can't apply the NTP settings because it requries two additional values (keys?) - but the public NTP I'm using doesn't require these. I was able to get this to work on the 4.x servers by entering the value 1 in both fields, but the 5.x sensor seems to be doing some additional checking.
Any help/insight is much appreciated. I checked the configuration documentation but didn't find anything other than descriptions of the fields.
The second issue is actually the way it's supposed to work. NTP on the sensor requires NTP authentication, but because of a bug in the 4.x code it actually let you set it by just putting in dummy values (although it would only sync up once upon reboot and then get slowly out of sync as time went on). Version 5.x fixed the authentication "problem" and it now requires authentication to be set up correctly right from the start. You'll need an NTP server that can handle authentication correctly to get your 5.x sensors to sync up with it.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...