04-19-2014 05:00 AM - edited 03-04-2019 10:49 PM
Hello Everyone,
i have a router access list configured on both inbound and outbound interface, and i have a local NTP server in my network, now i want to router get time updated from that server , i know it is possiable but the quistion is that i have to permit that NTP server in access list or not ? if yes then what is the process
Thanks
Nagendra
03-31-2015 09:11 AM
hello - I have just moved your post to the Topic forums - you had posted your question in an obscure, non-visible, promotional community. Hopefully our community users will see your question now
03-31-2015 10:36 AM
Nagendra,
Figure out which interface the traffic will leave the router towards the NTP server. Just use the command "sh ip route X.X.X.X" where x.x.x.x is the ip address of the NTP server. You will see an indication of which interface the traffic will egress the router.
Now, figure out what acls are applied on that egress interface. Use the command "sh run int X" where X is the interface determined in step 1. You might see both inbound and outbound ACLs.
Finally, modify those ACLs to permit traffic sourced from the router towards the NTP server on port 123. You can specify which source ip the router should use for this query using the cisco command "ntp source X" where X is the interface name with the source IP you want the packets to be addressed from.
Of course, you will also need the router config line "ntp server X.X.X.X" to point it to the NTP time server too.
04-01-2015 12:02 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide