Hi,
I didn't notice, but for a long time ago my devices can't communicate with NTP servers.
I've checked OPNSense NTP service status and is working fine with multiple external NTP servers.
I've tried to config my OPNSense as main NTP Servers on my network device but again, can't communicate with NTP Server.
I've checked 123 traffic on Firewall live log but i can't see nothing. What I'm missing?
My Firewall does have NTP connection outside my net, but my network not. Clearly is firewall rules issue, how to address it with safe aproach in mind?
Thank you very much.
The firewall itself has an automatic outbound rule that (unless masked) allows it to communicate... on any port, actually. For inbound, you need an appropriate inbound pass rule that covers NTP.
To check logs, logging must be enabled for the rules you wish to observe. Logging for the automatic rules is located in "Firewall: Settings: Advanced" -> "Logging".
These are my autom. LAN rules:
(https://i.imgur.com/BFNqJ2m.png)
These are my autom. WAN rules:
(https://i.imgur.com/hqUm6G7.png)
Is there anything suspicius?
Thanks.
You need a manual LAN rule:
Source: LAN net
Destination LAN address or This Firewall
UDP/123
Allow