Cisco ASA - How to configure NTP. [TESTED]

It’s impossible to configure FQDN as NTP server, IP address only. So, we need to know IP address of Why if we have no access to nslookup available on local PC to resolve hostname to IP address?

• Enabling DNS:

conf t
 dns domain-lookup outside
 dns name-server

• Resolving to the IP address:

ASA# ping
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 90/94/100 ms
ASA# show dns-hosts

Host                     Flags      Age Type   Address(es)           (temp, OK) 0    IP

• Configuring TimeZone and NTP:

conf t
 clock timezone MSK +3
 clock summer-time MSD recurring
 ntp server prefer
 ntp server

• Checking:

ASA# show clock
00:07:28.599 MSK Sun Jan 4 2015
ASA# sh run ntp
ntp server prefer
ntp server
ASA# show ntp associations
      address         ref clock     st  when  poll reach  delay  offset    disp
*~    2     4    64  377    85.8  -31.05    18.5
+~     3    18    64  377    67.9  -35.96    17.1
 * master (synced), # master (unsynced), + selected, - candidate, ~ configured

• Note that initial time synchronization process takes time (2 minutes or so) and you can’t make it faster (no any parameters available in ASA CLI).

