You want to debug and isolate NTP problems.

Use the show ntp association command to view the status of the configured NTP associations:

Router>show ntp associations 

Use the ping command to ensure connectivity to the NTP server exists:

Router>ping 172.25.1.1

Use the debug ntp packet command to view the NTP packets being generated by the router:

Router#debug ntp packets 

NTP packets debugging is on.

If the router’s internal clock is incorrect and the router has NTP enabled, then the first step is check the status of the NTP associations:

Router>show ntp associations

      address         ref clock     st  when  poll reach  delay  offset    disp
   ~172.25.1.5       0.0.0.0        16     -    64    0     0.0    0.00  16000.
   ~10.1.1.1         192.168.15.32   2    60    64    0    27.6  -1100.  16000.
 * master (synced), # master (unsynced), + selected, - candidate, ~ configured
Router>

Notice that there are two NTP associations configured on this router, but neither is currently our synchronized master. The example also indicates that neither of the two NTP associations is currently reachable, since the “reach” statistic is zero.

The most obvious place to begin is to test connectivity. You can test connectivity from the router to its NTP association with the ping command. If the NTP association does not respond to the ping request, then a network path may be obstructed or the peer may be down. Isolate and fix the connectivity issues, and hopefully this will rectify the NTP problem. Note that access control lists between the router and its ...