I am stuck in NTP, deployed WLC CWA using ISE that is integrated with AD. I tried using AD as NTP source but no luck(universal fact that Cisco uses NTP where as Microsoft uses SNTP).
The issue is, if time is not synced between WLC, ISE and AD; web redirection stopped working and no authentication takes place.
I tried installting Meinbergglobal NTP software to distribute time to my Cisco devices. It does work with Cisco devices but it acts as master and do not sync its own time with AD.
I am trying to figure out a way to sync Cisco with Microsoft, is there any way in this world to do so???
Thanks in advance
Solved! Go to Solution.
I have my wlc's sync to my Cisco cats which upstream to out master cisco box. AD syncs to itself. Both are very close, I have no issues ..
You mean I should sync AD and all my cisco devices with global NTP server?
Yes and no. If you know your network well, doing this is a pain in the proverbial backside because you have to open firewall rules to everyone going out to the global NTP server.
The smart thing to do is what George has described. You select a few (between two to four) to go out to the internet to synchronize. Normally I would nominate our core routers do this. Next, all our distribution switches and core switches synchronize to our core routers. All our servers, PCs, printers, WLC, switches sychronize to our distro switches.