We tried to get the NTP server working, but it seems that no matter what we do, NTP requests to the firewall get dropped. Anyone else able to get it working?
Do you see the dropped packets in the packetfilter log? Are you sure they are dropped by packetfilter? Maybe there is another problem? I made a test on my ASG v7. The packetfilter wasn't the problem. On my machine the problem was that the ntp client was not able to syncronize, because on the ASG the hardware clock was not set to the systemtime. Is your v7 installed on a VMWare? If yes, that's the problem. On VMWare the systemclock might run slower or faster than on a normal hardware. If you are familiar with linux, login to console and execute `hwclock --systohc`. This syncronized the systemtime to hwardwareclock. Then try again to use ntp.
Got it working once the internet connection was established.
In my linux workstation pointed the NTP request at the firewall address and away it went. I have port 123 blocked by default in the filter rule while trying out the proxies.
Ian M
[You to need a nat/masq rule if you don't have a general outgoing one, as the ntp is a server, not a proxy, I think. edited ian m]
Ah, thanks for the tip. I figured out that I didn't have any interfaces with a default route set which caused all sorts of issues. Setting a default route for some reason gets the ntp service working...
Ah, thanks for the tip. I figured out that I didn't have any interfaces with a default route set which caused all sorts of issues. Setting a default route for some reason gets the ntp service working...
