Why is Time Servers required?

  • This topic is empty.
Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #1444
    ConfGenConfGen
    Keymaster
    • Total Post: 10966
    • Jedi Master
    • ★★★★★★★

    Hi,

    I have my V10L at firmware 5.2.0_35.05 configured to connect via a CSG to access Citrix. All seems to work fine until i removed the Time Servers entry. Following are my observations:

    1) Upon booting up it complained that “Time Server Required. Pleaase update or Contact with Administrator”
    2) I cannot logon if my PNAgent is configured to using HTTPS:// url. It complained that “Time Server doesn’t work yet” and the status on the PN logon screen displayed “Sign-on Service Unavailable”.
    2) If I change the PNAgent to using HTTP:// I was able to logon and see the apps. But when clicking the app, it complained that “Time server doesn’t work yet”.

    Does anyone know if Time Server is mandatory of CSG / HTTPS connection? Or would this be a bug that can be resolved by a firmware upgrade?

    Thanks!

    #13873
    ConfGenConfGen
    Keymaster
    • Total Post: 10966
    • Jedi Master
    • ★★★★★★★

    CSG with https is using certificates. And certs are only valid for a certain time. If the time could not be verified CSG assumes that your cert is not valid.

    CG

    #13875
    ConfGenConfGen
    Keymaster
    • Total Post: 10966
    • Jedi Master
    • ★★★★★★★

    Thanks ConfGen – that makes perfect sense.

    However, most of our Thin Clients are to be deployed in remote sites with very limited infrastructure components like DHCP, FTP, DNS and for this case, no NTP. As we hope to have only port 443 to be opened between the remote site back to data center, we can’t possibly point the Thin Clients back.

    Is there anyway to configure the time locally on the Thin Clients once and for all without the requirement of NTP?

    #13879
    ConfGenConfGen
    Keymaster
    • Total Post: 10966
    • Jedi Master
    • ★★★★★★★

    Sorry, this is a no. As the client do not have a battery-buffered real time clock, they will fall back to BIOS time with each reboot.
    You will have to configure either a remote SNTP server (could be PC) or open the needed port.

    CG

    #13884
    Avatarthinkthin
    Member
    • Total Post: 1707
    • Jacked into The Matrix
    • ★★★★★★

    Hi,

    Certificate infrastructure mandates a up to date time service, Linux, WTOS, Windows – no matter what!

    I would run a time service on the router in the remote site, this way no need to open port 123 – its very simple to configure in IOS,

    Cheers,
    -TT

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.