Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NTP issue in 15.2(4)

I'm trying to configure our router to be both an NTP client and server for clients on our network.  I believe that I'm running into a bug.


My configuration is:


access-list 1 remark Restrict NTP to local networks
access-list 1 permit 207.x.y.0
access-list 1 permit

access-list 2 remark NTP sync with specified servers
access-list 2 permit
access-list 2 permit
access-list 2 permit
access-list 2 permit


ntp access-group peer 2
ntp access-group serve-only 1
ntp master
ntp update-calendar
ntp server
ntp server
ntp server



The router is syncing fine with the 3 NTP servers.  However, no clients can query my routers.  The only way that I can get clients to successfully query my routers for NTP is to either remove both "ntp access-group" commands (which I obviously can't do) or to add my clients to the peer access list, which is also incorrect:

access-list 2 permit 207.x.y.0
access-list 2 permit


It looks like NTP queries coming into the router are being checked against the "peer" ACL only and that "serve-only" is being ignored. 

If I remove "ntp access-group peer 2" and only have "ntp access-group serve-only 1" the queries still fail.


I found 1 previous post regarding someone having a similar issue a year ago and it didn't receive any replies.



Hello.I believe you hit a bug


I believe you hit a bug CSCuj66318, that is fixed in 15.2(4)M7.

I tried 15.2(4)M7 and 15.2(4)M1 - M1 behaves as you described, while M7 works fine.

CreatePlease login to create content