01-15-2008 03:40 PM - edited 03-05-2019 08:29 PM
I do have question if I may....I have a NTP server configured on my LAN that is synced by GPS...so I configured the router to get it's time from the server(192.168.0.1) but I keep getting the message: %NTP-4-PEERUNREACH: Peer 192.168.0.1 is unreachable.
Here is my config file:ATTACHED
Solved! Go to Solution.
01-15-2008 07:09 PM
I have looked at the config that you posted and I do not see any particular errors that would impact NTP.
I will disagree somewhat with my colleague Hieu and observe that I believe that the original access list entry is ok. His entry is ok as well. This is because NTP is one of the few protocols in which the source port and the destination port are exactly the same value.
I wonder about your statement in the original post in which you mention that the NTP server is synced by GPS. This leads me to assume that the NTP server is not a Cisco device (since I am not aware of any of them that sync to GPS) and I wonder what kind of device and what OS it is. I wonder if it is a Windows server? If it is a Windows server is it running the native MS time service or is it running some other software for NTP?
Be aware that by default Windows servers maintain time by a different protocol than NTP and do not serve as NTP servers for network devices.
Perhaps you can clarify what kind of machine this is and what time software that it is running?
HTH
Rick
01-15-2008 04:34 PM
Are you able to ping 192.168.0.1 from this router? Try opening NTP UDP 123 port in this router.
01-15-2008 05:04 PM
Hello,
Yes I can ping 192.168.0.1
Here are the NTP statements in my config file:
ntp logging
ntp server 192.168.0.1 source FastEthernet1/0 prefer
access-list 102 permit udp host 192.168.0.1 eq ntp host 192.168.0.50 eq ntp
01-15-2008 05:13 PM
can you try:
access-list 102 permit udp host 192.168.0.1 host 192.168.0.50 eq ntp log (removing the eq ntp after 192.168.0.1)
check your access-list 102 to see if you got any hits for this particular exception.
also, is there any other access-list in host 192.168.0.1 that might prevent ntp communication between these 2 servers?
01-15-2008 07:09 PM
I have looked at the config that you posted and I do not see any particular errors that would impact NTP.
I will disagree somewhat with my colleague Hieu and observe that I believe that the original access list entry is ok. His entry is ok as well. This is because NTP is one of the few protocols in which the source port and the destination port are exactly the same value.
I wonder about your statement in the original post in which you mention that the NTP server is synced by GPS. This leads me to assume that the NTP server is not a Cisco device (since I am not aware of any of them that sync to GPS) and I wonder what kind of device and what OS it is. I wonder if it is a Windows server? If it is a Windows server is it running the native MS time service or is it running some other software for NTP?
Be aware that by default Windows servers maintain time by a different protocol than NTP and do not serve as NTP servers for network devices.
Perhaps you can clarify what kind of machine this is and what time software that it is running?
HTH
Rick
01-15-2008 07:57 PM
I am running an actual NTP SERVER PRODUCT on a Windows 2003 Server..it DOES NOT use the windows time service...and I have a Garmin GPS-25LP module/GPS receiver that the NTP SERVER PRODUCT sync's too....This Window 2003 Server is the MASTER NTP SERVER for my entire Domain....and it "serves" the NTP (Version3/4) protocol to all other NTP aware servers/workstations/switches on the Domain. I have set this up for many of my clients.
So with that said(probably way overboard)...I will wait and see if you have any other suggestions....
Thanks,
Dave
01-15-2008 08:48 PM
I managed to get this working....looks like it was a setting on my NTP SERVER PRODUCT....
Thanks for the help...........
01-16-2008 04:03 AM
I am glad that you got it working. The fact that it seems to be an issue with a setting in your NTP server product supports my opinion that there was not a problem in the router config that you posted.
Thank you for using the rating system to indicate that your problem was resolved (and thanks for the rating). It makes the forum more useful when people can read about a problem and can know that they will read a solution to that problem.
The forum is an excellent place to learn about Cisco networking. I encourage you to continue your participation in the forum.
HTH
Rick
01-16-2008 05:23 PM
Thanks very much for the clarification, Rick.
You're certainly a great resource in this forum.
hieu
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide