PFSense as public NTP server
-
Dear,
I know PFSense has a NTP server on board for internal use. But i want to set my pfsense server as a part of the NTP Pool project. Do i just have to open port TCP 123 or do i have to do more?
Kris
-
I believe that you will have to open up port 123 on the WAN and also enable OpenNTP to run on the WAN.
-
openntp not really a good choice as ntp server imho. Not good way to monitor what its doing with ntpq or ntpdc, etc. like you can with the full ntp client. Its ok for keep some boxes time somewhat correct.
If you want to join the pool, just run full ntp on your pfsense box. Simple enough to do. This is what I did before I moved to virtual, now I use ntp on the actual host hardware as the ntp server vs the pfsense box.
-
I believe that you will have to open up port 123 on the WAN and also enable OpenNTP to run on the WAN.
I did that, but when i want to add the IP to the pool project, i get the error "Your servers hostname or IP address:Didn't get an NTP response from my.IP.address".
-
Is your WAN address really 10.0.0.1?
Is weepee01 your WAN interface?Steve
-
Is your WAN address really 10.0.0.1?
Is weepee01 your WAN interface?Steve
10.0.0.1 is my PFSense box (internal IP)
WAN interfaces are WeePee01 and EDPnet01 (dual wan setup)
-
You are port forwarding incoming ntp traffic to the pfSense LAN interface but you are running ntpd on WAN and not LAN.
Either enable ntpd on LAN as well (hold ctrl to select more interfaces) or remove the port forward and just set the firewall rule to the WAN interface.Similarly there is no need to port forward to the LAN interface for webGUI access. Just open a firewall hole to WAN.
Steve
-
Quite a stupid mistake! But indeed, it's working now!
Thanks a lot!
