cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1501
Views
0
Helpful
6
Replies

How to Sync clock on WLC ISE and AD

fahadafzal
Level 1
Level 1

Hi there,

I am stuck in NTP, deployed WLC CWA using ISE that is integrated with AD. I tried using AD as NTP source but no luck(universal fact that Cisco uses NTP where as Microsoft uses SNTP).

The issue is, if time is not synced between WLC, ISE and AD; web redirection stopped working and no authentication takes place.

I tried installting Meinbergglobal NTP software to distribute time to my Cisco devices. It does work with Cisco devices but it acts as master and do not sync its own time with AD.

I am trying to figure out a way to sync Cisco with Microsoft, is there any way in this world to do so???

Please help..

Thanks in advance           

1 Accepted Solution

Accepted Solutions

Leo Laohoo
Hall of Fame
Hall of Fame

DO NOT USE MS NTP/SNTP as a valid time source.  MS solution is the WORST method for SNTP/NTP because MS does NOT adhere to NTP/SNTP standards.

View solution in original post

6 Replies 6

Leo Laohoo
Hall of Fame
Hall of Fame

DO NOT USE MS NTP/SNTP as a valid time source.  MS solution is the WORST method for SNTP/NTP because MS does NOT adhere to NTP/SNTP standards.

Thanks for your prompt response.

The company does not want to sync with global NTP servers. Is there any other way to sync clock on all these devices??

If the company does not want to synchronize with the global NTP servers then the company can get a GPS-based NTP server.

This solution can be costly.

Sent from Cisco Technical Support Nintendo App

You mean I should sync AD and all my cisco devices with global NTP server?

Can you please suggest any reliable NTP server?

Thanks

I have my wlc's sync to my Cisco cats which upstream to out master cisco box. AD syncs to itself. Both are very close, I have no issues ..

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

You mean I should sync AD and all my cisco devices with global NTP server?

Yes and no.  If you know your network well, doing this is a pain in the proverbial backside because you have to open firewall rules to everyone going out to the global NTP server.

The smart thing to do is what George has described.  You select a few (between two to four) to go out to the internet to synchronize.  Normally I would nominate our core routers do this.  Next, all our distribution switches and core switches synchronize to our core routers.  All our servers, PCs, printers, WLC, switches  sychronize to our distro switches. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: