Can my Different VLAN's access my pfSense NTP Server?
-
Re: How can i create route to access NTP server located in another subnet?
I have three Networks configured on my pfSense box.
One Main LAN 192.168.1.1
One IOT LAN 192.168.2.1
One Guest LAN 192.168.3.1Can I have all three LAN's point to 192.168.1.1 for NTP time on my pfSense box?
Or, can I have each LAN point to it's own subnet for NTP Time e.g. 192.168.2.50 points to 192.168.2.1 to get NTP Time?Not clear on how this works. Thanks
-
@FrankZappa
From the other thread I got the impression, that you have this already working. Don't you?Can I have all three LAN's point to 192.168.1.1 for NTP time on my pfSense box?
Or, can I have each LAN point to it's own subnet for NTP Time e.g. 192.168.2.50 points to 192.168.2.1 to get NTP Time?Both options should work. You just have to ensure that you have a firewall rule in place, which allow the access to the destination IP and that you NTP server is listening on this IP. Services > NTP > Settings > Interfaces.
As I suggested in your other thread, you can just forward any NTP traffic to the desired IP. I'd suggest to 127.0.0.1. At filter rule association select "pass", so the traffic is automatically allowed.
For this purpose, I've created an interface group called "internal" and added such rules there:
-
@viragomann Thanks. I think I have it running. I typed in "ntpq -pn" on my Linux Minecraft server (On Guest LAN) and it spewed out all of the NTP servers I have configured on my pfSense box (All clients/LAN's use 192.168.1.1 as NTP server). However, I did not use any firewall rules to allow this to happen. Is it just happenstance that it works, or am I supposed to add a firewall rule?