cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2664
Views
2
Helpful
8
Replies

Timezone information is not tranfered correctly to FDM 2140

Ditter
Level 4
Level 4

Hi to all,

recently purchased a 2140 and begun to set it up.

One problem i am facing is with NTP.

Although i have configured through FMC the timezone , when i issue the command show ntp in the ftd is shows me two clocks, one is utc and the other one the local one which are not related with the correct timezone.

> show time
UTC - Thu Mar 16 13:47:05 UTC 2023
Localtime - Thu Mar 16 09:47:06 EDT 2023

My clock is UTC+3 (due to winter time) and i have already configured the timezone (UTC+2) as well as summertime in the FTD.

The communication with our ntp server seems fine:

NTP Server : x.y.z.y
Status : Being Used
Offset : -0.005 (milliseconds)
Last Update : 47 (seconds)

In addition if i do "show time" again after 5-10 minutes in relation to my previous show time command it shows 42 minutes later! 

> show time
UTC - Thu Mar 16 14:29:54 UTC 2023  <--- 42 minutes updated

So i have two problems. 

1.The time seems unstable 

2. the correct time  is not shown with the show time command

Localtime - Thu Mar 16 10:29:55 EDT 2023

The ftd runs:

> show version
-------------------[ firepower ]--------------------
Model : Cisco Firepower 2140 Threat Defense (77) Version 7.0.1 (Build 84)

Any ideas?

 

Thanks, 

Ditter

 

1 Accepted Solution

Accepted Solutions

Hi, 

If you look on bugsearch you'll find a lot of bugs timezone related.

I noticed the same behavior on FTD 2110 running 6.7. Still, I don't see an issue with that, considering that as far as I remember, LINA has the correct timezone (platform settings) and syslog messages are UTC only. Just do a system support diagnostic-cli and show clock and see for yourself.

Still, if needed, please check this bug:

CSCwc24760 : Bug Search Tool (cisco.com)

BR, 

Octavian

 

View solution in original post

8 Replies 8

Ditter
Level 4
Level 4

Hi to all, the FTD does not get updated with the correct timezone and maybe this has to do with the FXOS. I noticed that the timezone in the FXOS is UTC:

firepower# show timezone
Timezone: UTC

Should i update the timezone int FXOS?  

Thanks,

Ditter

 

 

 

I do not think you can change the timezone on 2100 series. In 9300 and 4100 series on FXOS you can. as long as you have FTD managed by FMC. you can set the clock on FTD FROM FMC.

 

but having said that have you check this link https://www.cisco.com/c/en/us/td/docs/security/asa/fxos/config/asa-2100-fxos-config/cli.html

please do not forget to rate.

Ditter
Level 4
Level 4

Thanks,

i just discovered that changes that i do in FXOS cli can not be commited, therefore , the only way to do changes in thimezone are through the firepower cli or the FMC. 

But the problem is the following:

I have configured the timezone through FMC i deploy it the the FTD and the FTD instead of showing the timezone i applied, shows the following:

> show time
UTC - Mon Mar 20 11:35:31 UTC 2023
Localtime - Mon Mar 20 07:35:33 EDT 2023

And if i issue the command show user-time-zone shows the America/New_York timezone !

That is the reason i though it would be better to change this timezone from the FXOS (which i finally discovered i can not).


No username provided. Showing logged in user's time zone.

User name: admin
Time zone: America/New_York

So it seems that FMC does not update the FTD , because even after i push the UTC+1 , the time shows the America/New-york and all the logs in my ACLs have timestamps according to America/New_York.

Any ideas?

Thanks,

Ditter

 

 

 

have to tried FMC---->Devices--->Platform Settings

here a tab will open can you will see on the left side "Time Synchronization" here you have two option either Via NTP from Management Center or Via NTP from

 

SherazSalim_1-1679313759562.png

on the side note you have to adjust your FMC clock too according to your Time zone. at FMC GUI on the far right you have see the gear box, click on it and go to "Configuration"--->"Time Synchronization" here you can adjust your time.

please do not forget to rate.

Thanks for the help, both FMC and FTD are synchonzed to our NTP server. 

The clock is OK.  But what is not OK is the timezone on the FTD box. although i configured and deployed the correct timezone from fmc to ftd.

From the FTD CLI it shows:

> show time
UTC - Mon Mar 20 12:43:38 UTC 2023
Localtime - Mon Mar 20 08:43:40 EDT 2023  <-- This should be UTC+1 i.e.13:43 

What also seems strange is the fact that when i issue the command show user-time-zone admin i get as output that the timezone is America?new_York although i have configured for admin in the FMC the correct timezone via admin--> user preferences!

Ditter

> show user-time-zone admin
User name: admin
Time zone: America/New_York

Hi, 

If you look on bugsearch you'll find a lot of bugs timezone related.

I noticed the same behavior on FTD 2110 running 6.7. Still, I don't see an issue with that, considering that as far as I remember, LINA has the correct timezone (platform settings) and syslog messages are UTC only. Just do a system support diagnostic-cli and show clock and see for yourself.

Still, if needed, please check this bug:

CSCwc24760 : Bug Search Tool (cisco.com)

BR, 

Octavian

 

we running 6.7 and managed 12xFTD 2140 I do not see an issue (as mentioned the bug). if you have tac support worth opening a case with cisco.

please do not forget to rate.

Thanks Octavian, the answer was in the workaround of the bug in the link you proposed.Now the local time is updated correctly.

Review Cisco Networking for a $25 gift card