In a pinch you can use a fortigate as a local LAN ntp-server for ipv4 or ipv6 clients. It's not ideal imho due that excess clients can create various issues. Also you have no reliable means for filtering who can query your fortigate firewall as a ntp_client without deploying a local-in firewall policy.
Here in this blog, we've have a basic ntp-configuration with the interface wifi set for answering ntp queries.
To debug ntp, you can use fortinet wonderful diagnostic application function;
On my mac, I'm used the ntpq or ntpdc query application for validate of sync.
ntptrace did not work btw
Ken Felix
NSE ( Network Security Expert) and Route/Switching Engineer.
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( * * )=
o
/ \
No comments:
Post a Comment