Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Choose interface for listening

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 3 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      timberwolf1
      last edited by

      Hi,

      I'm running pfsense 2.1.3 and I'm wondering how to configure on which interface ntp (slave) and updater should listen.
      Usually the WAN interface (where these services are listening) is connected to the internet and there is no problem. But in my network I have "transport networks" on the WAN interfaces and ntp and the updater does not work.
      If these services could be configured somewhere or would listen on a LAN interface they should work I think.
      Has someone else run into that problems and already solved that?

      TIA!

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        As far as I know, NTP talks upstream on the WAN interface only and serves to clients on whatever interfaces you select in Services - NTP.  I don't know if you can change this behaviour.  Even if you could, unless you've got your own atomic clock on your LAN, how would you get the time from LAN?

        1 Reply Last reply Reply Quote 0
        • T
          timberwolf1
          last edited by

          …because LAN (interface) has usually access to the internet, but not any "transport network".

          Regards

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            LAN only has access to the Internet via WAN, no?  So if you can't get the time via WAN…?  Maybe I'm not understanding your problem, sorry.

            1 Reply Last reply Reply Quote 0
            • T
              timberwolf1
              last edited by

              No - Wan Interface has no Internet Access - thats the problem! Internet Access is elsewhere…..
              WAN interface on pfSense1 has no Internet. But NTP is Listening on this interface. When I can change NTP to LAN Interface everything would be ok. On pfSense2 NTP is working because it has Internet Connection.

              WAN / Internet
                          :
                          : DialUp-/PPPoE-/Cable-/whatever-Provider
                          :
                    .-----+-----.
                    |  Gateway  |  (or Router, CableModem, whatever)
                    '-----+-----'
                          |
                      WAN | IP or Protocol
                          |
                    .-----+-----.  priv. DMZ  .------------.
                    |  pfSense2  +-------------+ DMZ-Server |
                    '-----+-----' 172.16.16.1 '------------'
                          |
                      WAN | 10.0.0.1/24
                          |
                    .-----+------.
                    | pfSense1|
                    '-----+------'
                      LAN | 192.168.5.0/24
                  ...-----+------... (Clients/Servers)

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                In your diagram the pfSense 1 box still has its WAN interface as the gateway to the pfSense2 box and then the internet in general.
                You could run the NTP server on pfSense2 and have pfSense1 use that.
                The NTP client uses the default route so you mighty change that.
                You may be able to use a floating firewall rule to direct ntp requests.

                Steve

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.