We have a private network to all our routers, in which we run a internal NTP server from the office which the NTP server has public internet access to get the updated time and then the routers will hit our internal NTP server to grab the latest time,  this makes it a bit more secure then having each router open to the internet

 

Daniel

 

From: nznog-bounces@list.waikato.ac.nz [mailto:nznog-bounces@list.waikato.ac.nz] On Behalf Of Matthew Harrison - PrimoWireless Ltd
Sent: Tuesday, 3 June 2014 10:09 AM
To: Sam Russell
Cc: nznog@list.waikato.ac.nz
Subject: Re: [nznog] Mikrotik+certs+1970

 

I use NTP on all of ours.

Regards,

Matthew Harrison
The Top Dog
p. 06 7566620 | e. matthew@primowireless.co.nz

Image removed by sender.

Please excuse the shortness of my email as it was sent from my iPhone.


On 3/06/2014, at 10:02, Sam Russell <sam.h.russell@gmail.com> wrote:

Hi all,

 

I'm playing with mikrotiks for VPNs, and one of the "features" is that the RB750's we have don't hold time when they reboot. I'm planning to build them with NTP access (so if they can get internet then they can get time), but I'm also tempted to generate certs backdated to 1970 instead.

 

Is anyone else doing this? How do you get mikrotiks to validate certs if the clock keeps resetting on power off - is relying on NTP the answer?

 

Cheers

Sam

_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog