Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

how to configure NTP on a router ?

Hello Everyone,

 

i have a router access list configured on both inbound and outbound interface, and i have a local NTP server in my network, now i want to router get time updated from that server ,  i know it is possiable but the quistion is that i have to permit  that NTP server in access list or not ? if yes then what is the process

 

Thanks

Nagendra

3 REPLIES
Silver

hello - I have just moved

hello - I have just moved your post to the Topic forums - you had posted your question in an obscure, non-visible, promotional community.  Hopefully our community users will see your question now

Community Member

Nagendra, Figure out which

Nagendra,

 

Figure out which interface the traffic will leave the router towards the NTP server.  Just use the command "sh ip route X.X.X.X" where x.x.x.x is the ip address of the NTP server.  You will see an indication of which interface the traffic will egress the router.

Now, figure out what acls are applied on that egress interface.  Use the command "sh run int X" where X is the interface determined in step 1.  You might see both inbound and outbound ACLs.

Finally, modify those ACLs to permit traffic sourced from the router towards the NTP server on port 123.  You can specify which source ip the router should use for this query using the cisco command "ntp source X" where X is the interface name with the source IP you want the packets to be addressed from.

Of course, you will also need the router config line "ntp server X.X.X.X" to point it to the NTP time server too.

Hi,

Hi, as you can read here http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfacls.html "Access lists that are applied to interfaces do not filter traffic that originates from that router." So you don't need to modify the outgoing ACL. You just need to permit the NTP (UDP 123) traffic sent from the server within your inbound ACL(s) applied on the interface(s) on which you can receive the NTP packets sent from the server. Best regards, Milan
139
Views
0
Helpful
3
Replies
CreatePlease to create content