CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting (2009) 1/19, 2/9, 3/9, 4/6, 5/4, 6/8, 7/6, 8/3.
2. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 Platforms > Check Point SecurePlatform (SPLAT)
NTP Issues On SPLAT NTP Issues On SPLAT
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2007-12-18
Junior Member
  
Join Date: 2006-06-15
Location: Trinidad
Posts: 17
Rep Power: 0
bronzelee has an average reputation (10+)
Send a message via MSN to bronzelee
Default NTP Issues On SPLAT
Good day guys and gurus,

I am having a ntp issue on my enforcement modules [NG AI, and NGX] in a Provider-1 environment:

Upon further investigation, we notice that the system clock [derived from typing 'clock' at the checkpoint console] output a different time when compare to setting the time using SYSCONFIG. However, if you set the time via SYSCONFIG, the actual system clock updates as well to reflect the changed made. but if for some reason there's a synchronization issue, and you update the NTP time to re-sync to the NTP Server [Provider-1], the change only take effect in SYSCONFIG time and not the system clock.

I check the secureknowledgebase but to no avail, I will gladly welcome your inputs to address this issue. The article below dose not address the issue.

sk32647

Symptoms

* When synchronizing the VPN-1 Power/UTM time and date using the NTP Server, the local machine time is reported wrong, while the NTP server query shows the correct and synchronized data and time.

Cause

The NTP server reports its local time to all the client machines that are synchronized with it. The clients then calculate their local time and date based on the NTP server's data and the client's Local Time Zone setup.
If the client's Local Time Zone was defined incorrectly, the client's local time and date is calculated incorrectly. The NTP server query still displays full synchronization state for this client.
Solution
Note: No new VPN tunnels will be established during the execution of the Time Zone change.

If two firewalls are connected via Site-to-Site, if one of the Firewall's Time Zones changes and the other Firewall is still running the previous Time Zone Setup, no new tunnels will be created due to the time difference between the two VPN members.

However, existing tunnels will not be affected.
To set up the correct Time Zone, proceed as follows:

1. Log in to SecurePlatform.
2. Switch to Expert mode.
3. Type sysconfig.
4. Choose option 4 and then option 1.
5. Proceed according to the desired Time Zone setup.

Related Solution:
sk25894 - Configuring NTP on SecurePlatform NG with Application Intelligence
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT -7. The time now is 09:35.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.7.4
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.2.0