Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
cmaheu
Staff
Staff

Created on ‎01-15-2020 08:42 AM

Article Id 197575

Technical Note: Troubleshooting NTP synchronization

Description
Not synchronized with NTP server defined in the Administration UI under System > Settings > System Management > NTP and Time Zone.  This is confirmed by using the ntpstat command in the CLI. 

Example:
> ntpstat
unsynchronised
polling server every 8 s


Solution
1. Verify whether or not the NTP server specified in the Administration UI under System > Settings > System Management > NTP and Time Zone can be reached.  In the CLI type
ntpq -p

The NTP server cannot be reached if:
"when" column = blank
"st" column = 16

Failed Example:
> ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 149.20.176.27   .INIT.          16 u    - 1024    0    0.000    0.000   0.000
 time.nullrouten .INIT.          16 u    - 1024    0    0.000    0.000   0.000


2.  If unable to reach the server, either troubleshoot why the server cannot be reached or
try changing the NTP server in the Administration UI to a known good one.  If the NTP server is defined as a name, compare the resulting IP address listed in results for "ntpq -p".  If different than a known good NTP server synchronization, try using the known good IP address.

3. Once the NTP Server has been changed in the UI and the system has been restarted, verify the server is now reachable.

Working Example:

> ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 162.159.200.1   10.16.12.8       3 u   33   64    7   16.481    5.305   4.260


> ntpstat
synchronised to NTP server (162.159.200.1) at stratum 4
   time correct to within 970 ms
   polling server every 64 s


NOTE:  ntpstat results may not show the system synchronized immediately.  It may take several minutes. 

If the system time is dramatically different than the NTP server, then simply synchronizing may not be enough to correct the time automatically.  For instructions on correcting the clock, see related KB article below.


For more information on NTP troubleshooting, refer to the following URL:

Related Articles

Technical Note: Adjusting NTP for drift

Labels:
6610
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.