Ntp problem
-
First of all I apologize for my English, as I am an Italian speaker.
I have a little wan with such a config:
1 Linux machine in the main site, that acts as the main endpoint of a OpenVPN Wan, with a Webmin interface, and that is the Certification Authority of my private PKI.
10 Wrap on the remote sites, with PFSense on them (various versions). Every wrap is a OpenVPN client, with PKI Authentication.
The whole sistem is (as it should be) very time sync sensitive. So the main site is a time reference for all the remote wraps, and i'm using the IP number of the main site as a time reference on the General Setup of the wraps.
This config works well for me, except that sometimes some (3) of the remote sites, when they start after a weekend stop, don't sync the time, and the openVPN network does't work (time issues).
I must enter on the config of the remote wraps, go on the General Setup menu, press the "Save" button, and everything works. Sometimes I have to do the same thing (confirm the actual setup) on the OpenVPN client page. Obviously these three wraps have the most recent PFSense (now 1.2 b1).
Now, why have I this problem only in some sites and not on all?
Is there a way to restart NTP on the wraps 5 minutes after the start of the FW so I am sure that everything works?
Is this a problem of other sites?Thanks in advance
-
It sounds like the systems have some problem getting their WANs up in time. WRAPs unfortunately don't have a battery for their RTC by default so they will come up with an invalid time after powerloss. To make sure the ntp is getting started you could add a cron item to kick it off (though that should not be needed but give it a try). Download the config.xml from these systems and edit it. You'll find some CRON items at the end of your config.xml. You can add a new one there, then reupload the config again.
-
Thank You Hoba!
It looks like working!
I will do some other tries.Thank you for all your good work
fridaynoon