
Thread: PIX as NTP Client




2006-05-30 14:36:59
I have given the commands in my router and it is fine. But when I give the command

Ntp server source x.x.x.x source inside

the PIX is not able to synchronize time from my router.

I gave an access-list:

Access-list outbound permit udp host  host  eq ntp

Below is how it is connected.

PIX Inside [internal ip]----PIX Outside IP [valid ip]----Router[valid ip]--Internet

My PIX is still not synchronizing time from my router. Please help.

Thanks
Guruprasad

-----Original Message-----
From: nobodygroupstudy.com [mailto:nobodygroupstudy.com] 
Sent: Tuesday, May 30, 2006 5:49 PM
To: ciscogroupstudy.com
Subject: RE: PIX as NTP Client [7:110520]

Personally I hate holes in my firewall, they're insecure.
NTP protocol in itself is not a secure protocol. It's a little better if you are using advanced authentication methods.

If you've got a decent switch or router inside the network that can access the internet, set up an NTP Stratum 3 server there. Set your PIX time off that switch/router. I run all my servers and desktops (500+) off my NTP server running IOS on a 4006. There is minimal overhead.

ntp master 3
ntp server xxx.xxx.xxx.xxx prefer

Then on your PIX set:
ntp server  source inside

no holes in the firewall.
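
The layout described in the reply, with NTP authentication added between the inside IOS device and the PIX, as an added example that is not part of the original thread. Key number 1, `<shared-secret>`, `<upstream-ntp-ip>` and `<inside-device-ip>` are placeholders chosen for illustration; the commands are standard IOS and PIX NTP syntax.

```cisco
! Inside IOS switch/router: sync from upstream, serve the LAN at stratum 3
! (addresses and key below are placeholders, not values from the thread)
ntp authentication-key 1 md5 <shared-secret>
ntp trusted-key 1
ntp server <upstream-ntp-ip> prefer
ntp master 3
!
! PIX: NTP client of the inside device, accepts only authenticated time
ntp authentication-key 1 md5 <shared-secret>
ntp trusted-key 1
ntp authenticate
! "source" names the PIX interface through which the NTP server is reached
ntp server <inside-device-ip> key 1 source inside
!
! Verify on the PIX
show ntp status
show ntp associations detail
```

`show ntp status` reports whether the clock is synchronized and at which stratum; `show ntp associations detail` shows whether the configured server is reachable and whether its packets were authenticated.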



