ISP blocked port 123, how can I circumvent it?

Knowingly or not my ISP seems to have blocked port 123 which breaks Windows Time Sync, I would like to circumvent this block using OpenWRT's firewall, is that possible?

1 Like

No. If the ISP is blocking it - that's who must unblock the traffic.


So talk to your ISP first, a work-around might be to use a VPN to a remote endpoint that does not block port 123, but that comes with its own issues.


If TCP port 4460 is accessible then you can use NTS with a package like Chrony and disable certificate time checks if required.

You can then offer classic NTP on UDP port 123 downstream to LAN clients, and set a DNAT firewall rule to redirect client requests to the device running Chrony (to avoid having to change NTP settings on client devices).


Not sure if it still exists, but there also used to be at least one time service that allowed sync via a custom HTTP client.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.