Setup Windows Server As NTP Server For FortiGate

Forum|Forum|5 years ago
January 22, 2021
1 reply
4520 views

I'm trying to set up a Windows Server As the NTP Server For FortiGate running 6.4.4. I see that this needs to be setup using CLI. The network also uses 2 FortiSwitch's and 2 FortiAP's. I encountered an error setting this up.

config system ntp

set ntpsync enable

set type custom

set syncinterval 10

set source-ip 192.168.20.1

When I entered the last command it says: 192.168.20.1 does not match any interface ip in vdom root. node_check_object fail! for source-ip 192.168.20.1 I also tried: set source-ip 192.168.20.1/24 and set source-ip 192.168.20.1/255.255.255.0 In each case I got an error Any suggestions? Thanks!

Yurisk

SuperUser

Have you configured according to https://docs.fortinet.com/document/fortigate/6.2.1/cli-reference/104620/system-ntp ?

source-ip is used to set source IP address of the NTP query packets the Fortigate will send to the NTP server, and it should be one of the IP addresses existing on the Fortigate interfaces, you can't set source IP to just any random IP. Usually, btw, it is not needed, try pinging from Fortigate the NTP server (provided pings are not blocked by Windows firewall): cli -> exe ping <IP address of NTP server> if there are replies you don't need tricks with source IP.

lobstercreed

New Member

I also see you're missing the actual NTP server (or perhaps omitted it from your output here?).

You need to use:

config system ntp
   config ntpserver
        edit 1
             set server "name or IP"
        next
    end
end

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded