?
Solved

Sonicwall SSL-VPN 2000 Time Keeps Changing

Posted on 2014-10-07
3
Medium Priority
?
416 Views
Last Modified: 2014-10-08
We have a Sonicwall SSL-VPN 2000 that is currently in prodcution for some legacy users/software. Every now and then, the device will get hung up and we'll have to reboot it. Upon reboot, it will give us an error about the time being out of sync with Active Directory.

When I go to the time page, the time is always 10 minutes ahead of the actual time. I've tried syncing to various ntp servers but it stays 10 minutes ahead. If I manually change the time, it works until the next hangup/reboot.

Is there a setting I can change to make the time fall in line automatically with the ntp servers?
Is the SSL-VPN somehow picking up time from somewhere that is 10 minutes ahead?
Do I look fat in this dress?
0
Comment
Question by:Paul Wagner
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 39

Accepted Solution

by:
Aaron Tomosky earned 2000 total points
ID: 40369209
add your dc as the time server, make sure to check the box "Only use custom NTP servers". you should see it in the log as a "firewall event"

Here is one of my log events, I changed the ip of my dc to xx

10/08/2014 12:12:03.752      Notice      Firewall Event      System time updated based on response from NTP server                    Received reply from NTP server 10.xx
.xx.xx. Update system time from 10/0
8/2014 12:12:03.336 to 10/08/2014 12
:12:03.752
0
 
LVL 5

Author Closing Comment

by:Paul Wagner
ID: 40369267
Exactly what I needed. Didn't even think of using my AD/DC server as the address. Thought it had to be some government ntp thing. Face-palm. Thanks for the help!
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 40369346
I've always heard that the AD/DC should have a external time source, and then everything else should point to it. If you virtualize, you can point your hosts to the dc and then your vms to the host to avoid a ton of things hitting your dc.
0

Featured Post

Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For a while, I have wanted to connect my HTC Incredible to my corporate network to take advantage of the phone's powerful capabilities. I searched online and came up with varied answers from "it won't work" to super complicated statements that I did…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses
Course of the Month11 days, 20 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question