I was curious, so I tried to hit my firewall without making any changes to its current state.
I used a program call NetLab 1.4, freeware for windows. It has a time snyc function I use to keep my clocks updated. When I hit the main time server that worked through the firewall - salmon.maths.tcd.ie - my clocks are in sync. The program has options to sync via TCP, UDP or SNTP. When I hit the internet server, all work except the UDP protocol. It crashes Winsock on my winxp box. When I try to sync with the firewall INTERNAL IP Address - it fails on all EXCEPT SNTP, however that is so far off, it gave me the date from 1994. I logged on the firewall and did a date and/or hwclock command and it shows the correct date and time. When I try my external IP address, it only works with SNTP and then again it gives me a date from 1994. I hope this was able to help in your troubleshooting Date: Mon, 17 Mar 2003 07:00:00 -0600 From: Charles Steinkuehler <[EMAIL PROTECTED]> To: William Brinkman <[EMAIL PROTECTED]> CC: [EMAIL PROTECTED] Subject: Re: [leaf-user] dachstein NTP Internal Time Server - Up and running William Brinkman wrote: > All, > > I put the NTP rpm in my mandrake 9.0 linux box. > > Set the ntp.conf "server" to 192.168.1.254 (firewall > address). Inserted a /etc/ntp.drift and put a 1 in > the file. Started the ntpd daemon. > > Tested out the troubleshooting guide and on the > mandrake box tried a: > > # ntpq -p 192.168.1.254 > > The results indicated that the firewall was doing its > job as a time server. The display indicated every > server I had in the conf file of the fire wall as well > as detailed statistics on how much they vary from each > other. > > Now the strange part: From the M$ box, using > Automachron time update software, the time will sync > fine to the mandrake box, but still has the socket > error for the firewall. > > Looks like I need to test some other software that > will be more forgiving with the firewall. Before you give up on your current setup, try pointing your M$ client to any other valid IP's on the firewall box (not just the internal interface IP). You should have at least one more IP: the IP of your external interface. This may not be an issue with the NTP server you're using, but I've had problems with IP aliases and NTP servers before. Things would seem to be working properly, but I couldn't get NTP clients to sync to any but the primary IP of an interface. Of course, if you've got a Mandrake box available, I'd just set that up as you local time server, and sync everything (including the firewall) to it. -- Charles Steinkuehler [EMAIL PROTECTED] ------------------------------------------------------- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
