10-21-2019 07:49 AM
I am struggling to decide on an NTP design. The way I understand it is Cisco ASA cannot be NTP server only NTP client. Routers can act as NTP masters.
If you select "ntp master 1" and set ntp on the router to look at NIST, will this work? Are NIST server stratum 0?
10-21-2019 07:55 AM
- You don't necessarily need a stratum 0 server to connect with. Chaining up with the NTP servers provides by your ISP (or advised) will usually be sufficient.
M.
10-21-2019 08:36 AM
I agreed with other post, you not required to set number after master, basic to setup NTP master
setup clock
ntp server x.x.x.x prefer (if you want to get source from)
ntp server x.x.x.y you can alternative in the case above fails
ntp master - this act as a server
you can also have ACL to filter for the clients to use as master ntp.
10-21-2019 08:39 AM
10-21-2019 09:15 AM
If you do not like your Core Switch as Master, you can set up any small Linux or raspberry pi as NTP Server in your DMZ / Inside network for your NTP MAster, and NTP Server for your device. ( Since ASA can not be NTP Server for security reasons.)
If your NTP Server inside your network, make sure you have relevant ACL in place for getting NTP updates from the Internet.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide