You do need IP Plus for NTP but SNTP is available in the base IOS. I'm not near the router at the moment. The fact that it's sending and recieving the packets suggests it's doing it but not quite getting it right.
I've configured my 1603 with
sntp server 192.168.1.101
which is my SNTP server but it don't get the time.
I did debug sntp packet and see
00:09:14: Sending SNTP packet to 192.168.1.101
00:09:14: xmt AF3BD2A5.FB3F2A70 (00:09:09.981 GMT Mon Mar 1 1993)
00:09:14: Received SNTP packet from...
Additional to the above,
I've added an access list,
access-list 101 permit tcp any host 192.168.0.2 eq www
to allow the inbound connection. The problem appears to be a lack of a static NAT mapping inbound.
I've got a small LAN on 192.168.x.y behind a 1600 with firewall IOS using an ISDN2 dial on demand to my ISP with easy IP and dynamic NAT to the WAN IP address. Outbound access works fine and I can get my address posted to dyndns.org to enable me to find the IP address on the 'net, however...
The advantage of a two tier firewall set up is that it provides additional protection to your inside network. By using two vendor's solutions you protect yourself from any proprietary attacks against the Cisco should they arise.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.