Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1989
Views
15
Helpful
5
Replies

Can Cisco ISE run normally without NTP server?

Go to solution
jj2048
Level 1
Level 1

‎11-09-2021 01:12 AM

Upon discussing the requirements for installing Cisco ISE, our customer was not able to provide an NTP server address, as they don't have one yet.

 

As the title implies, can Cisco ISE run normally without an NTP server?

 

The deployment will be Two Standalone Nodes in HA.

 

What do you normally place on the NTP server address on the initial setup if this is possible?

 

Thank you in advance.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mohammed al Baqari
Level 11
Level 11

‎11-09-2021 02:11 AM

Hi,

Installation will go through even if you put a dummy IP but you will run
into an endless number of problems. AD integration won't work because there
is a restriction on the allowed tick slips between ISE and AD clocks.
Certificates might expire which will interrupt ISE operation.

Short answer don't give your customer the option to install ISE without
NTP. In fact you should encourage them to use NTP as this is networking 101
for any organization. Its as simple as making internet routing polling
from pool.ntp.org and ISE sync from your router.

**** please remember to rate useful posts

View solution in original post

5 Replies 5

Go to solution
Mohammed al Baqari
Level 11
Level 11

‎11-09-2021 02:11 AM

Hi,

Installation will go through even if you put a dummy IP but you will run
into an endless number of problems. AD integration won't work because there
is a restriction on the allowed tick slips between ISE and AD clocks.
Certificates might expire which will interrupt ISE operation.

Short answer don't give your customer the option to install ISE without
NTP. In fact you should encourage them to use NTP as this is networking 101
for any organization. Its as simple as making internet routing polling
from pool.ntp.org and ISE sync from your router.

**** please remember to rate useful posts

Go to solution
marce1000
VIP
VIP
In response to Mohammed al Baqari

‎11-09-2021 02:43 AM

 

        >....don't give your customer the option to install ISE without NTP

                          Indeed!

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Go to solution
jj2048
Level 1
Level 1
In response to Mohammed al Baqari

‎11-09-2021 01:53 PM

Thank you Mohammed for your explanation. This has been very helpful.
I will do recommend that they set up their NTP soon.

0 Helpful

Go to solution
thomas
Cisco Employee
Cisco Employee

‎11-09-2021 06:31 AM

Assuming you allow ISE Internet access, use time.nist.gov or pool.ntp.org

Go to solution
jj2048
Level 1
Level 1
In response to thomas

‎11-09-2021 01:54 PM

Thank you thomas, 

I'll try this on our test bench.

I'll also ask what they use on their AD's as NTP server to match it with ISE for the time being.

0 Helpful
Customers Also Viewed These Support Documents