Question
-
Topic
-
Windows Time Service
LockedI am trying to get my domain controller to synchronize it’s time with the ntp pool of time servers and it is not working. When I use the “net time /querysntp” command it shows that the dc is pointing to the correct time sources but I keep getting these errors saying the time sources are unavailable and that the computer has no accurate source of time.
This used to work fine when I had my OpenBSD firewall. I had the OpenBSD firewall box sync it’s time with the time servers and then I had the dc sync it’s time with the OpenBSD box. Never had a problem with that setup.
I installed a new Cisco ASA 5510 a few weeks ago and I have it configured to sync time with the ntp pool of servers and that appears to be working fine. I tried to configure my dc to sync with the router but that didn’t work. (I don’t think the router has the ability to serve time). Then I tried having the dc sync directly with the ntp pool but that isn’t working either.
I can successfully do a packet trace from the dc to the time servers using the NTP port but I’m not sure about the return path. Do I need to create a firewall rule to allow this to work? Any help would be greatly appreciated.