Description | This article describes how to make use of an NTP Server that is not connected with the default management VDOM which is root VDOM. |
Scope | From v6.4 and above. |
Solution |
The NTP is located on the internet and can be reached from the root VDOM, which is the default management VDOM. But in some scenarios, the NTP server could be directly connected to a VDOM that is not the management VDOM and in this case, the NTP server cannot be reachable from the Global, and the NTP connection breaks.
The Global VDOM is where we configure the NTP server and the connection goes from the root VDOM. So in this case we have two solutions.
NTP Server Directed connected to NTP-VDOM which is not the Management VDOM:
Setting up the NTP server Source IP address at the Global VDOM:
FGVM02TM23012898 (ntp) # show config system ntp set ntpsync enable set source-ip 172.16.1.1 <----- This is the Management Interface IP of the root VDOM. set server-mode enable set interface "port2" end
The Management interface IP of the root VDOM is set as the NTP server source IP at the Global VDOM. The NTP server is reachable from the root VDOM Management IP.
Verification Command: The below commands verify the FortiGuard NTP server used by the FortiGate firewall. config global |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.