
NTP traffic firewall rules?

Posted: Wed Jan 29, 2014 1:03 am
by chadd
We have an NTP server on our network that accesses the following outside servers for NTP info.

server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
server 3.pool.ntp.org

Is there a way to set up a firewall rule based off a DNS lookup of the server name? Those server IP addresses change based off of load. So I can't just enter the IP address of the current server and put it in the firewall rule.

Thanks,
Chadd

Re: NTP traffic firewall rules?

Posted: Wed Jan 29, 2014 9:30 am
by deejayq
What are you trying to achieve?

Re: NTP traffic firewall rules?

Posted: Wed Jan 29, 2014 7:07 pm
by chadd
> What are you trying to achieve?

To allow communication to those time server clusters through our firewall while blocking all other NTP traffic. As mentioned, the actual IP addresses of those NTP server clusters change based off of location and load.

Re: NTP traffic firewall rules?

Posted: Wed Jan 29, 2014 8:06 pm
by efaden
You'd have to write a script to resolve them and then add to an address list.


Re: NTP traffic firewall rules?

Posted: Wed Jan 29, 2014 8:16 pm
by chadd
> You'd have to write a script to resolve them and then add to an address list.

That is the only option I had come up with also; I had hoped there was something easier that I didn't know about.

Re: NTP traffic firewall rules?

Posted: Wed Jan 29, 2014 8:19 pm
by efaden
Nope... Not that I can think of. Not a terribly hard script...

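The approach suggested in the thread (resolve the pool names, then maintain an address list), sketched as an added example that is not code from any poster. The thread does not name the firewall platform, so the script only computes which addresses to add and remove; `resolve_ipv4`, `refresh_allowlist` and `HOLD_SECONDS` are names and values assumed here.

```python
import socket
import time

POOL_NAMES = ["0.pool.ntp.org", "1.pool.ntp.org", "2.pool.ntp.org", "3.pool.ntp.org"]
NTP_PORT = 123
HOLD_SECONDS = 6 * 3600  # assumption: keep an address this long after it was last resolved


def resolve_ipv4(name):
    """Return the set of IPv4 addresses currently published for name."""
    infos = socket.getaddrinfo(name, NTP_PORT, socket.AF_INET, socket.SOCK_DGRAM)
    return {info[4][0] for info in infos}


def refresh_allowlist(last_seen, names=POOL_NAMES, resolver=resolve_ipv4, now=None):
    """Update last_seen (ip -> unix time last resolved) in place.

    Returns (added, removed) so only the changes are applied to the
    firewall's address list.
    """
    now = time.time() if now is None else now
    resolved, failures = set(), 0
    for name in names:
        try:
            resolved |= resolver(name)
        except OSError:  # socket.gaierror is a subclass of OSError
            failures += 1
    added = sorted(resolved - set(last_seen))
    for ip in resolved:
        last_seen[ip] = now
    removed = []
    # If every lookup failed, keep the old list: a DNS outage must not
    # expire the entries and cut off time sync.
    if failures < len(names):
        removed = sorted(ip for ip, seen in last_seen.items()
                         if now - seen > HOLD_SECONDS)
        for ip in removed:
            del last_seen[ip]
    return added, removed


if __name__ == "__main__":
    state = {}  # persist this between runs (file, database) in real use
    added, removed = refresh_allowlist(state)
    for ip in added:
        print(f"add to NTP address list: {ip}")
    for ip in removed:
        print(f"remove from NTP address list: {ip}")
```

The NTP daemon performs its own lookups, so it can be handed pool addresses the script has not yet seen; run the refresh frequently and keep the hold time long relative to how often the daemon re-resolves.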