Richard B. Gilbert wrote: > Isn't port 123 UDP inbound required as well?
Not on a stateful firewall, which are the most common type these days. In most firewall configuration tools, "allow UDP port 123 outbound" means that when a outbound packet is sent, the firewall will remember seeing it (that's the *stateful* part) allow a return UDP packet(s) from the destination IP and source port for a few seconds before closing things off again. This assumes all he is doing is configuring his NTP to act as a client to an internet-based NTP server. If he is going to be using symmetric/active or another mode, that's going to require allowing UDP port 123 inbound. But it doesn't seem to me that he would need to do anything like that. _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
