• This topic has 0 replies, 1 voice, and was last updated January 8, 2021 by Ralph H.

NTP scans after Upgrade to 8.5 up1

  • hello after upgrading our zerto zvm 2 sites to 8.5 patch 1, we’re seeing NTP port 123 quries from VRA’s and seems to be scanning for various outside ntp sites.  like to  Ziply 50.39.170.40, 78.46.162.102 in germany, and ips in austrilia.  its currently blocked at firewall.  we traced it back to all/any of the VRA’s.  and we can see it started right after we upgraded to 8.5 patch1 which included an upgrade of the VRA’s after the site ZVM servers.  since its a debian based distro, I can turn off the ntp service on vra but I’m guessing it would impact replication and change tracking.  support ticket submitted.

     

    anyone else?

You must be logged in to create new topics. Click here to login