On an FMC/FTD environment, any ideas how to intercept and redirect NTP and/or DNS traffic from specific clients? There are a few appliances with hardcoded NTP/DNS entries, and I would totally prefer to use my internal systems to provide them access to these resources, instead of blocking them or letting them go through on their own. The catch is, I don't always know the destination IP address - particularly true for the pool of NTP servers.
I know I can do a static NAT when I do know the destination address(es): I have this working in a similar scenario, but with the randomness of the NTP pool of servers, this is pretty tricky...
[Edit] Well, never mind: it seems I can add my very own "IPv4-Any" object instead of trying to use the system-provided "any-ipv4", and that does the trick.
Thanks!