In article <[EMAIL PROTECTED]>, "Vanya" <[EMAIL PROTECTED]> writes: >Wondering what others might have to say about the possibility of >authenticating a NTP server from behind a NAT/Firewall. We are setting >up a system of certified email for cities in Italy. The authorities >want us to show that the servers in the cluster handling the email >traffic are communicating in an authenticated fashion with the local >NTP servers (located in Pisa).
Do you really want your mail servers behind a NAT box? I'd expect you would want them on a DMZ and that would also solve your NTP problems. If all your traffic goes through a single NAT box, then all your servers get block/black listed when one of your PCs gets infected or any of a zillion other problems causes spam/abuse to emit from your NAT box. Has anybody tried tunneling NTP traffic? -- These are my opinions, not necessarily my employer's. I hate spam. _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
