|Applies To||RSA Product Set: SecurID|
RSA Product/ Service Type: Authentication Manager
RSA Version/Condition: 8.x
|Issue||The following timeout error appears when trying to check NTP peers status from an SSH session or console connection, even though NTP is synchronizing correctly|
|Cause||The default NTP configuration on RSA Authentication Manager 8.x ignores any NTP queries from IPv6 addresses. Since Authentication Manager does not come with IPv6 totally disabled, administrative functions coming from the IPv6 localhost are not allowed, unless the ntp.conf file is edited to allow NTP queries from the IPv6 localhost.|
The example below is part of the default /etc/ntp.conf file on an Authentication Manager 8.1 server. The lines restrict <IP> control which IPs are allowed to query NTP information. There is a restrict line for the IPv4 localhost address (127.0.0.1), but not for the IPv6 localhost (::1).
|Resolution||To resolve this issue, edit the ntp.conf file and add a line to allow NTP queries from the IPv6 localhost.|
Note that during Quick Setup another user name may have been selected. Use that user name to login.