I am using our datacenter FortiGate as the NTP server. From all the branches, I can see NTP sync towards the datacenter. From the DC, I am using FortiGuard as the NTP servers. My DNS reachability is fine, but my NTP server is still in an unreachable state. I have created a firewall policy for this traffic, since the source interface for NTP is a different interface, which will forward the traffic to the internet interface (but I am not seeing any hits on that policy). I understand NTP is self-originating traffic. Initially, for a few seconds, I could see the NTP server as reachable, but later it went into unreachable status. It hasn't synced since then.
Not sure what config I am missing.
diagnose sys ntp status
HA master: yes, HA master ip: 220.127.116.11, management_vfid: 0 ha_direct=0, ha_mgmt_vfid=-1
synchronized: no, ntpsync: enabled, server-mode: enabled
ipv4 server(ntp1.fortiguard.com) 18.104.22.168 -- unreachable(0x0) S:7 T:699 no data
ipv4 server(ntp2.fortiguard.com) 22.214.171.124 -- unreachable(0x0) S:7 T:699 no data
ipv4 server(ntp2.fortiguard.com) 126.96.36.199 -- unreachable(0x0) S:7 T:699 no data
ipv4 server(ntp1.fortiguard.com) 188.8.131.52 -- unreachable(0x0) S:7 T:699 no data