07-28-2020 01:56 AM
hi guys,
i am lookin to config PA 5220 as a NTP server for my lan network, this whole network is completely off of internet.
is it possible to config if yes what are the steps.
I tried keeping the Primary and secondary NTP fields blank, but if want to broadcast the PA local time on my LAn network, am unable to find further config settings.
Does anyone knows how to config PA as NTP server withoout Internet connectivity??
07-28-2020 02:36 AM
Hi @zaidshaikh,
Palo Altos cannot propagate NTP, so there is no NTP-proxy like DNS-proxy or so on.
If the network is air-gapped you should consider to get a NTP appliance, which will sync your whole network.
Having non-synched components is a nightmare for troubleshooting and forensics, so I would recommend getting a local NTP server (cluster)
07-28-2020 02:36 AM
Hi @zaidshaikh,
Palo Altos cannot propagate NTP, so there is no NTP-proxy like DNS-proxy or so on.
If the network is air-gapped you should consider to get a NTP appliance, which will sync your whole network.
Having non-synched components is a nightmare for troubleshooting and forensics, so I would recommend getting a local NTP server (cluster)
07-28-2020 02:56 AM
Thanks Checkoz,
We were using WIN server as a NTP server which was mapped to out DController and this WIN server was also configured a client of DC, due to which it experiences issues when the DC is going throu some problems.
By the way, meantime was lookin at our FGT FW, it can act as well as propagate NTP.
Anyways, thanks checko
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
