I'm trying to verify that my macOS client is connecting to OPNsense for NTP requests, but I'm receiving "Exchange failed: Kiss of death" and "Exchange failed: Timeout" errors.
Checking Apple's time servers, all seems OK:
❯ sudo sntp -sS time.apple.com
+0.236213 +/- 0.000137 time.apple.com 17.253.116.253
Now, checking the OPNsense firewall:
❯ sudo sntp -sS 192.168.1.1
sntp: Exchange failed: Kiss of death
sntp: Exchange failed: Timeout
sntp: Exchange failed: Timeout
sntp: Exchange failed: Timeout
+0.235124 +/- 0.131470 192.168.1.1 192.168.1.1
Running with the debug flag:
sudo sntp -d opnsense.home.lan
leap: 0
t1: E3EDA340.A5B18548 (bytes)
t1: 3824001856.647240000 (fixed)
t1: 3824001856.647240162 (float)
t2: E3EDA340.E2B9256F (bytes)
t2: 3824001856.885637607 (fixed)
t2: 3824001856.885637760 (float)
t3: E3EDA340.E2C01759 (bytes)
t3: 3824001856.885743579 (fixed)
t3: 3824001856.885743618 (float)
t4: E3EDA340.A67EA5F8 (bytes)
t4: 3824001856.650370000 (fixed)
t4: 3824001856.650370121 (float)
offset: 00000000.3CA488C4 (bytes)
offset: 0.236885593 (fixed)
offset: 0.236885593 (float)
delay: 00000000.00C62EC6 (bytes)
delay: 0.003024028 (fixed)
delay: 0.003024028 (float)
ipaddr: 192.168.20.1
sntp: Exchange failed: Kiss of death
sntp: Exchange failed: Timeout
sntp: Exchange failed: Timeout
sntp: Exchange failed: Timeout
selected:
leap: 0
t1: E3EDA340.A5B18548 (bytes)
t1: 3824001856.647240000 (fixed)
t1: 3824001856.647240162 (float)
t2: E3EDA340.E2B9256F (bytes)
t2: 3824001856.885637607 (fixed)
t2: 3824001856.885637760 (float)
t3: E3EDA340.E2C01759 (bytes)
t3: 3824001856.885743579 (fixed)
t3: 3824001856.885743618 (float)
t4: E3EDA340.A67EA5F8 (bytes)
t4: 3824001856.650370000 (fixed)
t4: 3824001856.650370121 (float)
offset: 00000000.3CA488C4 (bytes)
offset: 0.236885593 (fixed)
offset: 0.236885593 (float)
delay: 00000000.00C62EC6 (bytes)
delay: 0.003024028 (fixed)
delay: 0.003024028 (float)
ipaddr: 192.168.20.1
+0.236886 +/- 0.132248 opnsense.home.lan 192.168.20.1
gtod: 1615013059.668058
adjust: 0.236885
set: 1615013059.904943
OK, so the way I resolved this (cross-checking against a previous pfSense install) was to add the lines below to the Advanced input box to permit my VLANs to query the NTP service.
restrict 192.168.10.0 mask 255.255.255.0
restrict 192.168.20.0 mask 255.255.255.0
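For anyone reading the debug output above, here is an added example (my own code, not part of sntp or OPNsense) that parses the four 64-bit NTP timestamps sntp printed and recomputes the offset and delay with the RFC 5905 formulas. It works in whole 2^-32 s ticks, so the results match the "(bytes)" lines exactly, and the "(fixed)" lines are those ticks rounded to nanoseconds. The timestamp strings are copied from the debug run; the function and variable names are my own.

```python
"""Reproduce the offset/delay arithmetic behind macOS `sntp -d` output.

An NTP timestamp is 32 bits of seconds since 1900-01-01 plus a 32-bit binary
fraction; sntp prints it as SECS.FRAC in hex.  RFC 5905 defines
    offset = ((t2 - t1) + (t3 - t4)) / 2
    delay  =  (t4 - t1) - (t3 - t2)
with t1/t4 taken by the client and t2/t3 by the server.
"""

NTP_TO_UNIX = 2208988800  # seconds between 1900-01-01 and 1970-01-01
TICK = 1 << 32            # one second expressed in 2^-32 s ticks


def parse_ntp_ts(text):
    """'E3EDA340.A5B18548' -> integer number of 2^-32 s ticks."""
    secs, frac = text.split(".")
    return (int(secs, 16) << 32) | int(frac, 16)


def to_bytes_str(ticks):
    """Render signed ticks the way sntp's '(bytes)' lines do (two's complement)."""
    return "%08X.%08X" % divmod(ticks % (1 << 64), TICK)


def to_fixed(ticks):
    """Render ticks as seconds with 9 decimals, rounding to the nearest ns."""
    sign = "-" if ticks < 0 else ""
    secs, frac = divmod(abs(ticks), TICK)
    ns = (frac * 10**9 + (1 << 31)) >> 32   # round half up
    if ns == 10**9:                          # carry after rounding
        secs, ns = secs + 1, 0
    return f"{sign}{secs}.{ns:09d}"


def offset_and_delay(t1, t2, t3, t4):
    """RFC 5905 clock offset and round-trip delay, both in ticks."""
    offset = ((t2 - t1) + (t3 - t4)) // 2
    delay = (t4 - t1) - (t3 - t2)
    return offset, delay


def ntp_to_unix(ticks):
    """NTP ticks -> Unix epoch seconds (float), for comparison with 'gtod:'."""
    return ticks / TICK - NTP_TO_UNIX


# t1..t4 copied from the `sntp -d opnsense.home.lan` run above.
T = [parse_ntp_ts(s) for s in ("E3EDA340.A5B18548", "E3EDA340.E2B9256F",
                               "E3EDA340.E2C01759", "E3EDA340.A67EA5F8")]

if __name__ == "__main__":
    off, dly = offset_and_delay(*T)
    print("offset", to_bytes_str(off), to_fixed(off))  # 00000000.3CA488C4 0.236885593
    print("delay ", to_bytes_str(dly), to_fixed(dly))  # 00000000.00C62EC6 0.003024028
```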