Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NTP issues NAT bypassed?

    Scheduled Pinned Locked Moved NAT
    5 Posts 2 Posters 339 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JonathanLeeJ
      JonathanLee
      last edited by

      Screenshot 2023-12-15 at 10.01.53 PM.png
      (NTP accessing other server outside of firewall bypassing rules)

      How is this possible? I have no open ports for anything but the NAT port 123 redirect.

      Screenshot 2023-12-15 at 10.03.25 PM.png
      (rules that only allow access to port 123 with NAT)

      Is the access control lists not working anymore?

      Make sure to upvote

      JonathanLeeJ V 2 Replies Last reply Reply Quote 0
      • JonathanLeeJ
        JonathanLee @JonathanLee
        last edited by

        @JonathanLee

        Screenshot 2023-12-15 at 10.07.27 PM.png

        It shows a state here however.

        Make sure to upvote

        1 Reply Last reply Reply Quote 0
        • V
          viragomann @JonathanLee
          last edited by

          @JonathanLee
          What makes you think, that NTP is bypassed?

          To detect this, you would have to sniff the traffic on the WAN interface, not on the inside interface.

          JonathanLeeJ 1 Reply Last reply Reply Quote 0
          • JonathanLeeJ
            JonathanLee @viragomann
            last edited by

            @viragomann It is the 192.168.1.3 it should be getting an NTP from 192.168.1.1 inside the firewall right?

            Make sure to upvote

            V 1 Reply Last reply Reply Quote 0
            • V
              viragomann @JonathanLee
              last edited by

              @JonathanLee
              Your internal device is requesting NTP from a public IP. pfSense nats it to a local IP and translates the source in the respond packet back to the origin public IP, which the client was requesting.
              This is necessary that the client accepts the response. But I guess, nothing goes to the outside here.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.