[USG Flex H Series] - Internal NTP Server

Maverick87

Hello everyone,
As a new feature request, it would be useful to install an NTP server inside the USG Flex H firewall.

In this way, if you block the internet connection for a device, it can synchronize its own clock/timezone information directly from the firewall without using the internet at all.
The NTP server can also be used as the time source for all the devices, as a single point of truth.

Thank you


Comments

  • Zyxel_Tina
    Zyxel_Tina Posts: 370, Zyxel Employee

    Hi @Maverick87,

    Thank you for your input!

    Regarding your request, you can configure the USG FLEX H firewalls to function as an NTP server for your internal devices via the CLI using the following commands:

    >edit running

    >running config# / vrf main ntp server-subnet <priority> {allow | deny} {CIDR subnet | all}

    >running config# commit

    >running config# copy running startup

    >running config# exit

    Replace CIDR subnet with the specific subnet you want to allow to synchronize with the firewall. You can also use all to permit all subnets to synchronize with this device.

    For example, / vrf main ntp server-subnet 0 allow 192.168.1.0/24 or / vrf main ntp server-subnet 1 allow all


    Zyxel Tina
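
To confirm from a client on an allowed subnet that the firewall really answers NTP and is itself synchronized, a minimal SNTP check can be used. This is an added example, not part of the original thread and not Zyxel code; the firewall address 192.168.1.1 and the function names are assumptions, and the sample reply is constructed.

```python
import socket, struct, sys, time

NTP_EPOCH_OFFSET = 2208988800  # seconds between 1900-01-01 and 1970-01-01

def _ts(unix: float) -> bytes:
    """Encode a Unix time as a 64-bit NTP timestamp (seconds, fraction)."""
    secs = (int(unix) + NTP_EPOCH_OFFSET) & 0xFFFFFFFF
    return struct.pack("!II", secs, int((unix % 1) * 2**32))

def build_request(tx_unix: float) -> bytes:
    """48-byte client request: LI=0, VN=4, Mode=3, transmit timestamp set."""
    return struct.pack("!B39x", (4 << 3) | 3) + _ts(tx_unix)

def parse_response(pkt: bytes, request: bytes) -> dict:
    """Validate a server reply and return the fields worth checking."""
    if len(pkt) < 48:
        raise ValueError("short NTP packet")
    leap, mode, stratum = pkt[0] >> 6, pkt[0] & 0x7, pkt[1]
    if mode != 4:
        raise ValueError(f"not a server reply (mode {mode})")
    # The origin timestamp must echo our transmit timestamp; this rejects
    # stale or blindly spoofed replies.
    if pkt[24:32] != request[40:48]:
        raise ValueError("origin timestamp does not echo our request")
    # Stratum 0 (kiss-o'-death) or LI=3 means the server has no valid time.
    if stratum == 0 or leap == 3:
        raise ValueError("server is unsynchronized or refused the request")
    secs, frac = struct.unpack("!II", pkt[40:48])
    return {"stratum": stratum, "leap": leap,
            "server_unix": secs - NTP_EPOCH_OFFSET + frac / 2**32}

def constructed_reply(request, stratum=3, leap=0, server_unix=1700000000.5):
    """Constructed sample reply for offline testing (not a device capture)."""
    head = bytes([(leap << 6) | (4 << 3) | 4, stratum]) + bytes(22)
    return head + request[40:48] + bytes(8) + _ts(server_unix)

def query(server: str, timeout: float = 2.0) -> dict:
    """Send one request to UDP/123; socket.timeout means no reply arrived."""
    req = build_request(time.time())
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(req, (server, 123))
        pkt, _ = s.recvfrom(512)
    return parse_response(pkt, req)

if __name__ == "__main__":
    host = sys.argv[1] if len(sys.argv) > 1 else "192.168.1.1"  # assumed address
    result = query(host)
    print(result, "offset_s=%.3f" % (result["server_unix"] - time.time()))
```

Running it once from an allowed subnet and once from a subnet covered by a deny rule shows whether the `server-subnet` entries behave as intended.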

  • PeterUK
    PeterUK Posts: 4,211, Guru Member

    Cool so you can😎

    Maybe a simple checkbox in the UI per interface in advanced settings would make this easy.

  • Maverick87
    Maverick87 Posts: 59, Ally Member

    Cool, it works like a charm!!

    As PeterUK says, can a checkbox be implemented in the interface to enable/disable this functionality? I think it could be enabled/disabled for all the interfaces, because you can always choose which server works as the NTP server.