FVS318G not staying synced w pool.ntp.org or any ntp server. clock skew detected, restarting racoon
Have used at least one FVS318G (sometimes two for VPN) for about 5 yrs. Had trouble upgrading to latest firmware, so running Firmware Version: 3.1.1-14. Factory reset performed during this firmware upgrade. FVS318G is firewall for small bus network that also utilizes three NetGear GS105 switches, NetGear ReadyNas Duo (*), NetGear WN802T v2 access point (*), NEC DSX-40 (*) w/four remote VoIP keysets, eight PCs, three printers, etc.
All time clocks for above devices (*) sync properly with pool.ntp.org. Network has been pretty stable as above for the better part of two years with no hardware changes. FVS318G locked up a few times requiring a reboot, so not perfect, but reasonably stable and acceptable for our needs.
Over the last month, however, I have increasingly seen this:
[ntpdate] Date and Time After Synchronization : Wed Jan 20 08:31:44 GMT 2016 [ntpdate] Date and Time Before Synchronization: Wed Dec 31 16:01:35 GMT 1969 (the default setting I assume...)
Followed by:
[dhcpd] Wrote 0 new dynamic host decls to leases file. [dhcpd] Wrote 0 deleted host decls to leases file.
Ending in:
[dhcpd] lease 192.168.1.48: no subnet
[root] [SYSTEM START-UP] System Rebooted
Issue frequency is somewhat random occurring from every two hours (during the FVS318G's scheduled clock sync) to every few days. Router load does not seem to be a factor. Logs show error will happen during periods of high usage, but also at night with zero usage.
I am having to troubleshoot remotely, so I would be very appreciative of tips or suggestions other than factory reset/re-programming and/or firmware upgrade.
Re: FVS318G not staying synced w pool.ntp.org or any ntp server. clock skew detected, restarting ...
Hello Mykal,
Welcome to the community!
Try disabling all the VPN policies and IKE policies you have created after this reboot the firewall. Once the firewall is fully booted wit for about 10-15 mins then enabled all of the VPN policies and IKE policies. See if this will correct the issue.
Re: FVS318G not staying synced w pool.ntp.org or any ntp server. clock skew detected, restarting ...
Hello JohnRo,
Thanks for getting back to me! I appreciate your time.
I am pleased to report that LAN and broadband have been up for almost four days. It appears as if the racoon in the machine is happy again...for now.
In addition to doing as you suggested with regards to 15 min shutdown and disabled VPN & IKE policies (actually deleted all VPN items since we no longer use), I had a helper on site assist with shutting down all dhcp devices prior to reboot. This included the WN802T v2 which is static and outside dhcp, but done just to give the FVS318G and easy time starting up. Lastly, custom ntp servers were changed from both set to pool.ntp.org to us.pool.ntp.org for field one and 0.pool.ntp.org for field two.
Not sure exactly which of the above was the most effective in resolving the issue, but the network is definitely stable now. With not much time to mess around, we did all of the above pretty much concurrently which is probably not the best if trying to figure out root cause.
