Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2074
Views
0
Helpful
5
Replies

I'm not sure how I messed up my time synchronization so badly

confused_guy45
Level 1
Level 1

‎06-09-2016 07:45 AM - edited ‎03-12-2019 06:02 AM

Hello,
One of my ASAs has a critical error of being out of sync. The weird part... is that my policy can shut off or turn on the time synchronization option and the error goes away, but then says it's another ASA having the time sync problem. If I log in individually to each ASA vid ADSM, all of the times are correct and seem to be syncing from NTP servers properly. Going to VMware vSphere, the time clock seems correct there as well.

So if it's not my policy, and it's not actually off, what is the time synchronization referring to? I appreciate any help!

Labels:
0 Helpful
5 Replies 5

yogdhanu
Cisco Employee
Cisco Employee

‎06-09-2016 08:53 AM

Hi

Are you talking about the ASA-SFR modules or the ASA itself?

If you are talking about the SFR, are you managing it with Firesight? where you see the time sync error?

If that's the case, you need to make sure system policy or platform settings is configured where the SFR sensor is pointing to a NTP server or the Firesight itself.

Rate if helps.

Yogesh

0 Helpful

confused_guy45
Level 1
Level 1
In response to yogdhanu

‎06-09-2016 09:26 AM

I'm inside of the Cisco Firepower Management Center and on the top-right it says a few critical errors based on time synchronization.

I do see some unused platform settings targeting 0 devices, I just have been using a basic health policy. Time synchronization monitoring is turned off though.

On the places where it's asking for time servers, I have:
0.sourcefire.pool.ntp.org, 1.sourcefire.pool.ntp.org, 2.sourcefire.pool.ntp.org, 3.sourcefire.pool.ntp.org

I appreciate your help!

0 Helpful

yogdhanu
Cisco Employee
Cisco Employee
In response to confused_guy45

‎06-09-2016 09:52 AM

You need to configure platform settings policy with time sync pointed to FMC. Then on the system>configuration >time settings and point that to NTP servers which you mentioned is already there.

In the platform settings, include your sensors and then deploy changes. sensors should be able to sync time with FMC.

Rate if helps.

Yogesh

0 Helpful

evan.chadwick1
Level 1
Level 1
In response to yogdhanu

‎06-09-2016 07:55 PM

i Second that. .

Follow those steps and it'll come right

0 Helpful

Jetsy Mathew
Cisco Employee
Cisco Employee

‎06-09-2016 10:24 PM

Hello Team,

Here is the reference for the NTP issues techzone  :-

http://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118626-technote-firesight-00.html

Rate if this answer helps you.

Regards

Jetsy 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card