Community discussions

MUM Europe 2020
 
chadd
Member
Member
Topic Author
Posts: 347
Joined: Fri Dec 31, 2004 2:40 am

NTP traffic firewall rules?

Wed Jan 29, 2014 1:03 am

We have an NTP server on our network that accesses the following out side servers for NTP info.

server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
server 3.pool.ntp.org

Is there a way to setup a firewall rule based off a DNS lookup of the server name? Those server IP addresses change based off of load. So I can't just enter the IP address of the current server and put it in the firewall rule.

Thanks,
Chadd
 
deejayq
Member Candidate
Member Candidate
Posts: 195
Joined: Wed Feb 23, 2011 8:33 am

Re: NTP traffic firewall rules?

Wed Jan 29, 2014 9:30 am

what are you trying to achieve?
 
chadd
Member
Member
Topic Author
Posts: 347
Joined: Fri Dec 31, 2004 2:40 am

Re: NTP traffic firewall rules?

Wed Jan 29, 2014 7:07 pm

what are you trying to achieve?
To allow communication to those time server clusters through our firewall while blocking all other NTP traffic. As mentioned the actual IP addresses of those NTP server clusters change based off of location and load.
 
efaden
Forum Guru
Forum Guru
Posts: 1711
Joined: Sat Mar 30, 2013 1:55 am
Location: New York, USA

Re: NTP traffic firewall rules?

Wed Jan 29, 2014 8:06 pm

You'd have to write a script to resolve them and then add to an address list.

Sent from my SCH-I545 using Tapatalk
 
chadd
Member
Member
Topic Author
Posts: 347
Joined: Fri Dec 31, 2004 2:40 am

Re: NTP traffic firewall rules?

Wed Jan 29, 2014 8:16 pm

You'd have to write a script to resolve them and then add to an address list.

Sent from my SCH-I545 using Tapatalk

That is the only option I had come up with also, I had hoped there was something easier that I didn't know about.
 
efaden
Forum Guru
Forum Guru
Posts: 1711
Joined: Sat Mar 30, 2013 1:55 am
Location: New York, USA

Re: NTP traffic firewall rules?

Wed Jan 29, 2014 8:19 pm

Nope... Not that I can think of. Not a terribly hard script...

Sent from my SCH-I545 using Tapatalk

Who is online

Users browsing this forum: Bing [Bot], Google [Bot] and 49 guests