Solved: Timezone information is not tranfered correctly to FDM 2140

Ditter · ‎03-16-2023

Hi to all,

recently purchased a 2140 and begun to set it up.

One problem i am facing is with NTP.

Although i have configured through FMC the timezone , when i issue the command show ntp in the ftd is shows me two clocks, one is utc and the other one the local one which are not related with the correct timezone.

> show time
UTC - Thu Mar 16 13:47:05 UTC 2023
Localtime - Thu Mar 16 09:47:06 EDT 2023

My clock is UTC+3 (due to winter time) and i have already configured the timezone (UTC+2) as well as summertime in the FTD.

The communication with our ntp server seems fine:

NTP Server : x.y.z.y
Status : Being Used
Offset : -0.005 (milliseconds)
Last Update : 47 (seconds)

In addition if i do "show time" again after 5-10 minutes in relation to my previous show time command it shows 42 minutes later!

> show time
UTC - Thu Mar 16 14:29:54 UTC 2023 <--- 42 minutes updated

So i have two problems.

1.The time seems unstable

2. the correct time is not shown with the show time command

Localtime - Thu Mar 16 10:29:55 EDT 2023

The ftd runs:

> show version
-------------------[ firepower ]--------------------
Model : Cisco Firepower 2140 Threat Defense (77) Version 7.0.1 (Build 84)

Any ideas?

Thanks,

Ditter

Octavian Szolga · ‎03-20-2023

Hi,

If you look on bugsearch you'll find a lot of bugs timezone related.

I noticed the same behavior on FTD 2110 running 6.7. Still, I don't see an issue with that, considering that as far as I remember, LINA has the correct timezone (platform settings) and syslog messages are UTC only. Just do a system support diagnostic-cli and show clock and see for yourself.

Still, if needed, please check this bug:

CSCwc24760 : Bug Search Tool (cisco.com)

BR,

Octavian

View solution in original post

Ditter · ‎03-20-2023

Hi to all, the FTD does not get updated with the correct timezone and maybe this has to do with the FXOS. I noticed that the timezone in the FXOS is UTC:

firepower# show timezone
Timezone: UTC

Should i update the timezone int FXOS?

Thanks,

Ditter

Sheraz.Salim · ‎03-20-2023

I do not think you can change the timezone on 2100 series. In 9300 and 4100 series on FXOS you can. as long as you have FTD managed by FMC. you can set the clock on FTD FROM FMC.

but having said that have you check this link https://www.cisco.com/c/en/us/td/docs/security/asa/fxos/config/asa-2100-fxos-config/cli.html

please do not forget to rate.

Ditter · ‎03-20-2023

Thanks,

i just discovered that changes that i do in FXOS cli can not be commited, therefore , the only way to do changes in thimezone are through the firepower cli or the FMC.

But the problem is the following:

I have configured the timezone through FMC i deploy it the the FTD and the FTD instead of showing the timezone i applied, shows the following:

> show time
UTC - Mon Mar 20 11:35:31 UTC 2023
Localtime - Mon Mar 20 07:35:33 EDT 2023

And if i issue the command show user-time-zone shows the America/New_York timezone !

That is the reason i though it would be better to change this timezone from the FXOS (which i finally discovered i can not).

No username provided. Showing logged in user's time zone.

User name: admin
Time zone: America/New_York

So it seems that FMC does not update the FTD , because even after i push the UTC+1 , the time shows the America/New-york and all the logs in my ACLs have timestamps according to America/New_York.

Any ideas?

Thanks,

Ditter

Sheraz.Salim · ‎03-20-2023

have to tried FMC---->Devices--->Platform Settings

here a tab will open can you will see on the left side "Time Synchronization" here you have two option either Via NTP from Management Center or Via NTP from

on the side note you have to adjust your FMC clock too according to your Time zone. at FMC GUI on the far right you have see the gear box, click on it and go to "Configuration"--->"Time Synchronization" here you can adjust your time.

please do not forget to rate.

Ditter · ‎03-20-2023

Thanks for the help, both FMC and FTD are synchonzed to our NTP server.

The clock is OK. But what is not OK is the timezone on the FTD box. although i configured and deployed the correct timezone from fmc to ftd.

From the FTD CLI it shows:

> show time
UTC - Mon Mar 20 12:43:38 UTC 2023
Localtime - Mon Mar 20 08:43:40 EDT 2023 <-- This should be UTC+1 i.e.13:43

What also seems strange is the fact that when i issue the command show user-time-zone admin i get as output that the timezone is America?new_York although i have configured for admin in the FMC the correct timezone via admin--> user preferences!

Ditter

> show user-time-zone admin
User name: admin
Time zone: America/New_York

Octavian Szolga · ‎03-20-2023

Hi,

If you look on bugsearch you'll find a lot of bugs timezone related.

I noticed the same behavior on FTD 2110 running 6.7. Still, I don't see an issue with that, considering that as far as I remember, LINA has the correct timezone (platform settings) and syslog messages are UTC only. Just do a system support diagnostic-cli and show clock and see for yourself.

Still, if needed, please check this bug:

CSCwc24760 : Bug Search Tool (cisco.com)

BR,

Octavian

Sheraz.Salim · ‎03-20-2023

we running 6.7 and managed 12xFTD 2140 I do not see an issue (as mentioned the bug). if you have tac support worth opening a case with cisco.

please do not forget to rate.

Ditter · ‎03-20-2023

Thanks Octavian, the answer was in the workaround of the bug in the link you proposed.Now the local time is updated correctly.