Based on the recommendation from other guys on the list I seem to have a stable config for my Cisco router. Below is how I configured my router.
The below configuration is from my router as such you will likely need to change the source interface and access-list numbers. Let me know if others have any suggestions or think this can be improved. Thanks, Will ! ! This is similar to a ntp drift file. If using a config on new hardware even if the same model do not copy this line. ! ntp clock-period 17180143 ! ! You want to set the interface that NTP sources all it's packets from. This should typically be your WAN port or if you have multiple WANs then your LAN port. ! ntp source Vlan3 ! ! Access list 10 will be used to only allow polling time from servers we know. ! access-list 10 permit "ip of the ntp server" ! ! Implicit deny at the end of the access-list. ! ntp access-group peer 10 ! ! Access list 11 will be used to let all clients poll. Denying IP's here would block addressees. ! access-list 11 permit any ntp access-group serve 11 ! ! IP address to pull time from remember to add the address to access-list 10 if you add additional servers. ntp server "ip of the ntp server"
_______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
