Hi Thanks for the reply. I have tried it on my firewall and it works fine with just the udp port open. The literature that I have read says that it does not use tcp. The odd thing is that the xntpd server runs fine on a machine on the LAN with no ports open but won't run on the web server. There must be a setting somewhere in the DMZ that I don't understand. I am new to running a DMZ and I don't quite understand it yet. I wanted to put it on the DMZ to avoid running another vulnerable process on the firewall. Any clue as to why it would run on the internal LAN and not the DMZ would be appreciated. I thought that they were both masqued to the outside world. Thanks for any help. Robert
>Hi Robert, > >I was asking on the use of 'rdate' with 'xntpd'. Since I run xntpd on the >router, open ntp ports would suffice. I did open both TCP and UDP. Could you >also add TCP port and see if it is OK? Then close the unused ports later. > > >-----Original Message----- > >--__--__-- > >Message: 8 >Date: Sun, 24 Feb 2002 20:51:16 -0800 >From: Robert Williams <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: [Leaf-user] NTP > >Hi, > >I recently saw a discussion about ntp so I am sorry if I am repeating >a question. I didn't pay attention then as I had other fish to fry. > >I am using DS cd 1.02 and I want to set up a ntp server for private >use. I thought about putting it on the firewall but decided to put it >on the web server instead. Safer?? My problem is this. When I use >ntpdate from the webserver on a private dmz, everything works great. >With no holes opened (masqued). However when I use xntpd (which is >preferable) then it no longer works. My assumption was that it wasn't >getting its return replies. so I tried to ipmlement it as a server by >opening udp 123 etc.. However that isn't working either. The changes >I made to network.conf are.... >DMZ_SERVER1="udp $EXTERN_IP ntp 192.168.2.1 ntp" >EXTERN_UDP_PORTS="0/0_domain 0/0_bootpc 0/0_ntp" > >Am I forgetting something here?? Any help is appreciated. >Thanks, Robert > >_______________________________________________ >Leaf-user mailing list >[EMAIL PROTECTED] >https://lists.sourceforge.net/lists/listinfo/leaf-user ////////////////////////////////////// / Robert Williams [EMAIL PROTECTED] / \ It's a Wacky....Wacky World \ \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
