NTP port 123 outbound traffic


I have been monitoring too many NTP traffic going out through Sophos firewall and they are all blocked by default. The destination of the outbound traffic is many different NTP server location not only one server.

Client PCs are trying to get time information from many locations, how can I make PCs to get their time information from internal NTP server rather external NTP server?

This is the list of IP address that internal PCs are trying to reach to get time information. grapeofwrath.com.au utcnist2.colorado.edu host-24-56-178-140.beyondbb.com nist.netservicesgroup.com nist1-nj2.ustiming.org
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Prashant GirennavarCommented:
Are you using Active directory?

Make sure you have set the correct registroy entry on the client PC. Check below link


w32tm /monitor will give you the exact information.


-Prashant Girennavar.
Heera BishtSysadminCommented:

If the systems are in wokrgroup, use w32tm /unregister to unregister the ntp time source on the client system. This will remove any ntp defined settings from the registry.
and use w32tm /register to register the time source again.

IF these are domain joined system you can disable the same through group policy.
Ganesh Kumar ASr Infrastructure SpecialistCommented:
I would suggest if this is in client server (domain environment) : Configure the PDC to be internal time server and allow rule to sync with valid and trustworthy time server to sync. Configure Group policy to push the time to client.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
If your list of servers is complete, I would think of a mere bute force measure: Configure the servers in your DNS server with IP addresses pointing to your internal NTP server.

As an alternative, you could stuff that info into the HOSTS file on the clients, but that's a bit more complicated to maintain if changes occur (but more effective if the configuration in your DNS server proves to be tricky).
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.