11-24-2010 08:54 AM - edited 03-10-2019 05:11 AM
My IPS appliance is not synchronizing with the NTP, below are the logs that I am getting.
NTP Statistics
= remote refid st t when poll reach delay offset jitter
= 172.21.3.137 172.21.1.10 5 u 746 1024 377 1.409 -13801. 532.147
= *LOCAL(0) 73.78.73.84 5 l 8 64 377 0.000 0.000 0.001
= ind assID status conf reach auth condition last_event cnt
= 1 20556 b0f4 yes yes none reject reachable 15
= 2 20557 96f4 yes yes none sys.peer reachable 15
status = Not Synchronized
........
Nov 20 21:53:37 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 20 22:10:42 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
Nov 20 22:11:48 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 20 22:27:35 sensor daemon.notice ntpd[15975]: time reset -3.797142 s
Nov 20 22:31:56 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
Nov 21 02:44:59 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 21 03:02:05 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
Nov 21 03:10:38 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 21 03:26:34 sensor daemon.notice ntpd[15975]: time reset -9.364510 s
Nov 21 03:30:58 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
...............
I tried changing the NTP server to other Cisco Devices, but still the IPS is not syncronizing with any NTP. How can I fix this.
Please help,
Thanks
11-24-2010 06:49 PM
What version of IPS do you have? Is your NTP server a Cisco router? Could you please attach your IPS config and your NTP server configuration.
Please notice that IPS 6.x supports only Cisco routers as NTP servers.
11-24-2010 11:15 PM
11-24-2010 10:13 PM
Hello!
It seems that your problem is that your ips internal ntp server and ntp server at 172.21.3.137 both have the same ntp stratum - 5. From sent logs we see that your ips gets synchronized with both ntp servers:
Nov 20 21:53:37 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 20 22:10:42 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
Nov 20 22:11:48 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 20 22:27:35 sensor daemon.notice ntpd[15975]: time reset -3.797142 s
NTP stratum is like route metric - how far is your ntp server from a most accurate clock?(http://en.wikipedia.org/wiki/Network_Time_Protocol)
Please, try to set up ntp server 172.21.1.10 at you ips. This ntp server apparently will have 4 as ntp stratum.
With best regards
11-24-2010 11:24 PM
Thanks mzimovets,
We even get the logs where 172.21.3.137 shows a stratum of 10, but the router is on the same network.
sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=10
sensor daemon.notice ntpd[15975]: time reset -8.712638 s
sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
We had tried setting up 172.21.1.10 as NTP for the IPS, but still it is not syncronizing.
11-25-2010 06:58 AM
So your router is 172.21.3.137, right? Your router don't need the command "ntp server 172.21.1.10".
By the way, what device have the IP 172.21.1.10 ? Do you have another NTP server besides 172.21.3.137 ?
Also, your configuration says router router have a stratum 10, and your logs says apparently there is another NTP server with stratum 4.
Take into account that a NTP server with lower stratum is better.
12-12-2010 01:43 PM
05-03-2013 05:23 AM
folks
i have had similiar issues with a cople of aip-ssm cards not synchronising ntp to a non cisco ntp server
i tried a hw-module reset to sort it out but no joy
so far my only successful option has been to remove the ntp config on the aip-ssm and then reconfigure it
hope this helps
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide