cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
230
Views
0
Helpful
0
Replies
Highlighted
Beginner

Cisco IOS NTP forwarding to internal time source?

I'm not sure exactly how to word this but I'll do my best. I'm looking for a solution to keep NTP traffic internal to a network using Cisco IOS. Currently I have the below programming for NTP traffic to keep it internal. The question I have is, Can I get a specific IP to respond to all traffic in an internal network?

I know that several devices that can be connected to a network have dedicated programming that cannot be changed to denote an external only NTP source (i.e. Samsung proprietary time server, or nist.gov). Such as TV's, Cell Phones, etc. What I'm looking for is a way to forward that traffic regardless of destination to an internal NTP server and have it reply.

My current thought is that packet modification may be required but not familiar with that and not sure IOS can do it. Any advice will be greatly appreciated.

 

Current config:

ntp logging
ntp access-group peer RHD_Network_1
ntp update-calendar
ntp server 10.0.0.6 minpoll 10

!

remark Allow NTP Traffic from Source to Internal Network Only
permit udp host 10.0.0.1 10.0.0.0 0.0.0.255 eq ntp log-input
permit udp host 10.0.0.6 10.0.0.0 0.0.0.255 eq ntp log-input
remark Allow NTP Traffic to Internal Sources Only
permit udp 10.0.0.0 0.0.0.255 eq ntp host 10.0.0.1 log-input
permit udp 10.0.0.0 0.0.0.255 eq ntp host 10.0.0.6 log-input
remark Reject NTP UDP Requests to Internet
permit udp 10.0.0.0 0.0.0.255 any neq ntp
remark Deny any remaining inbound traffic
deny ip any any
!

 

Thanks

0 REPLIES 0