NTP pix - cannot use ACL
Posted on 2006-10-30
I have a PIX 515. I have three external time server I need to be able to pull time from.
We have built a time server that lives on the internal LAN. IP Addresses are Internal - xxx.xxx.10.9 and External - xxx.xxx.195.23. Our time servers will be 22.214.171.124, 126.96.36.199, and 188.8.131.52.
We will not move over to ACLs, because we are moving to multiple ASA Clusters that are currently in testing. So I have to use conduit's and static commands in our PIX Firewalls.
So what static command do I need to use for this internal time server in order to get out and receive back NTP packets.
What is the proper conduit command to use for this to limit NTP Port 123 traffic only from/to xxx.xxx.195.23 and the External Time Servers?
Thanks in advance.