Netgate Discussion Forum

    Open for egress traffic to NTP pool?

      furom

      This post is deleted!
        furom @furom

        @furom Well, the outbound NAT rule did not help in my case, though missing to begin with. Any other ideas?

          bingo600 @furom

          @furom
          Kind of hard to help if you delete your posts.

          NTP is UDP/123, and since it's a pool, you would prob have to permit "to any"

          What is talking to the NTP Pool?
          pfSense itself or clients?

          /Bingo

          If you find my answer useful - Please give the post a 👍 - "thumbs up"

          pfSense+ 23.05.1 (ZFS)

          QOTOM-Q355G4 Quad Lan.
          CPU : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
          LAN : 4 x Intel 211, Disk : 240G SAMSUNG MZ7L3240HCHQ SSD

            furom @bingo600

            @bingo600 Hi, thanks for replying. Not sure what happened, I think it may have been flagged...

            I have a redirect from my local LANs to pfSense, where the NTP server is running, and yes, that should talk to the pool

              bingo600 @furom

              @furom
              Is pfSense NTP syncing to the pool fine?

              Status --> NTP

              2889af8c-4f32-4891-97ae-c3f2e8dff532-image.png

              Note the "Pool" itself will always show as "unreachable"
              But members of the pool should be reachable.

              Stratum below 16 is "valid", lowest best
              Reach = 377 ==> Best connectivity

              If you see an "Active peer" your pfSense NTP is "sync'ed", and the challenge lies within your NAT forward rule.

              Do you see any block/deny's in the pfSense log?

              Is any of this usable?
              https://forum.netgate.com/topic/156236/redirect-ntp-to-pfsense-not-working-for-me/10

              /Bingo

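The Status --> NTP columns described in the post above (stratum, reach, active peer) can also be read programmatically. This is an added example, not part of the original thread: it assumes the status page reflects `ntpq -pn`-style peer output, and the sample rows, addresses and the function names `parse_peers` and `diagnose` are constructed for illustration.

```python
# Constructed sample of `ntpq -pn` output (documentation addresses, not from the thread).
SAMPLE = """\
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 0.pfsense.pool.ntp.org .POOL.   16 p    -   64    0    0.000   +0.000   0.000
*192.0.2.10      .GPS.            1 u   33   64  377   12.345   -0.512   0.210
+198.51.100.7    192.0.2.1        2 u   40   64  177   20.101   +1.024   0.800
 203.0.113.5     .INIT.          16 u    -   64    0    0.000   +0.000   0.000
"""

def parse_peers(text):
    """Parse ntpq peer rows; column 0 of each row is the tally code."""
    peers = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("=") or "refid" in line:
            continue  # skip blanks, the separator and the header row
        tally, fields = line[0], line[1:].split()
        if len(fields) != 10:
            continue  # not a peer row
        reach = int(fields[6], 8)  # reach is printed in octal: 377 == 0b11111111
        peers.append({
            "tally": tally,
            "remote": fields[0],
            "stratum": int(fields[2]),
            "type": fields[3],                   # 'p' marks the pool placeholder row
            "reach": reach,
            "answered": bin(reach).count("1"),   # replies within the last 8 polls
            "last_ok": bool(reach & 1),          # lowest bit is the most recent poll
        })
    return peers

def diagnose(peers):
    """Classify sync state the way the thread reasons about it."""
    servers = [p for p in peers if p["type"] != "p"]  # the pool row always reads unreachable
    if any(p["tally"] == "*" and p["stratum"] < 16 for p in servers):
        return "synced"                  # '*' is the selected system peer ("Active peer")
    if not any(p["reach"] for p in servers):
        return "no-replies"              # nothing ever answered: check egress and interface binding
    return "reachable-not-selected"      # replies arrive, ntpd has not chosen a peer yet

if __name__ == "__main__":
    for p in parse_peers(SAMPLE):
        print(p["remote"], p["stratum"], f'{p["answered"]}/8', p["tally"])
    print(diagnose(parse_peers(SAMPLE)))
```

A result of `no-replies` with only stratum 16 rows matches the symptom in this thread, where ntpd never received an answer from any pool member.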

                furom @bingo600

                @bingo600 No, it does not sync with the pool, this is what it looks like for me;
                ntp.png
                I will check the link you posted, thanks

                  furom @furom

                  @furom Still not working, but tried adding a floating rule (disabled in the pic as it didn't work);
                  ntp_float_rule.png

                    bingo600 @furom

                    @furom
                    Unless you have done something "Non standard" on the WAN interface, you do not need to allow anything on the WAN interface, in order to sync to NTP.

                    Is your pfSense connected directly to the internet, or via an ISP router?

                    Could it be your ISP, that is blocking NTP?
                    A bit unusual I'd say if they do but ......

                    How does your Settings --> NTP look ?
                    998bcd52-11cc-4244-a083-e19defe5ecaf-image.png

                    Remember ...
                    Selecting no interfaces here , will make NTP listen on all IF's , prob what you want.

                    You didn't get creative , and make some ACL's did you ?

                    /Bingo


                      furom @bingo600

                      @bingo600 said in Open for egress traffic to NTP pool?:

                      Unless you have done something "Non standard" on the WAN interface , you do not need to allow anything on the Wan interface , in order to sync to NTP

                      Thanks! Looking in settings, turned out I somehow only had chosen localhost... Adding the lans to the mix resulted in an active peer! :)

                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.