Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Centos 6.5 - pfSense NTP - no server suitable for synchronization found

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 1 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      Kaspatoo
      last edited by

      Hi,

      under Services pfSense Webgui offers configuration for NTP.
      No interface is selected (still tried selecting all or just some relevant interfaces).
      Additionally I can set serial GPS which is currently none and service is running (showed by a green play button).

      As far as I understand this configuration is about to offer NTP services for other clients.

      Under System -> General Setup I am able to set several time servers where pfSense itself can synchronize its time with. Because we do not have internet access here the given server set does not work which for us is no problem. So we set time of pfSense manually.

      There are several client within the network behind pfSense. The do have different times than pfSense has.
      For testing I tried to run a simple query to get the current time from pfSense:

      sudo ntpdate -q 172.12.34.56

      I am getting this response:

      server 172.12.34.56, stratum 16, offset 8300.075787, delay 0.02582
      17 May 15:26:57 ntpdate[26482]: no server suitable for synchronization found

      A ping does work fine, also every port forwardings and outbound connections do work.

      There are some firewall rules and one of them is like the following:
      Protocol:  IPv4*
      Source:  172.12.0.0/16
      Port: *
      Destination:  *
      Port: *
      Gateway: *
      Queue: none

      There are no blocking firewall rules, only passing ones.
      So I expect to have every port opened probably neccessary. Additionally I would expect to let pfSense create Port openings itself when "enabling" NTP.
      Am I missing something here?

      When being under Services -> NTP I am also able to click a little button in the upper right (where the buttons to start and stop the service also are placed) named "status of items on this page".

      There are two entries:
      Status Server Ref ID Stratum Type When Poll Reach Delay Offset Jitter
      Unreach/Pending 192.53.103.108 .INIT. 16 u - 512 0 0.000 0.000 0.000
      Unreach/Pending 131.188.3.221         .INIT. 16 u - 512 0 0.000 0.000 0.000

      I thought pfSense is offering NTP of its current time and date.
      Whil pfSense is able to synchronize with other time servers.
      Or am I wrong, and pfSense is only forwarding expernal time servers to the internal network?
      This would explain that internal client to not get a connection because the external timeservers are not reachable due to missing internet connection.

      Is there a way then to let clients synchronize theier time with the time manually set on pfSense?

      Thanks in advance.

      If you need further information, just request for it.

      1 Reply Last reply Reply Quote 0
      • K
        Kaspatoo
        last edited by

        After testin in an other environment we were able to confirm that pfSense is just working als a relais.

        NTP for Clients against pfSense is only working if pfSense itself has valid connections to at least on other/ real NTP server.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.