I have a Server that is going to be communicating to uk.pool.ntp.org for its time, but obviously i need to configure this in the ASA to allow it access

I dont have a list of IPs in that pool and i cant find them on the internet either

So how would you get around this?

If it's the NTP server IP addresses that you are unsure of, have you tried enabling logging in ASDM and monitoring which IPs it's trying to connect to?

_________________
Isuru Senadheera
MCSE, CCNP, CCSP, MCITP
www.isururakshitha.org

The list is likely large, and fairly dynamic; you may need to attack this problem a different way (such as pointing the server toward a few members of that pool but not the whole pool).

_________________
"A problem well stated is a problem half solved". (Charles Kettering)

Can't you do an nslookup to get the IPs? Of course the pool list is probably changing on a regular basis. I would just do as Dinger said, and point to a few IPs in the list.

-Otanx

I believe FQDN support was added in 8.4.2 for objects and can be used in ACLs but I honestly have no idea if it will actually do a DNS look up and permit traffic based on that. Never tested using FQDNs with ACLs.

*EDIT*

Looks like it might actually work for what you want. There are a few caveats to using FQDNs so make sure you read the limitations section in the link.

https://supportforums.cisco.com/docs/DOC-17014

_________________
The Cubicle Wizard
http://cubiclewizard.blogspot.com/