1.Add a Firewall rule in your Compute Gateway which allows NTP traffic to 169.254.169.123 as below.
Source: Compute Workload VM/Segment
Destination: 169.254.169.123
Services: NTP (UDP:123)
Applied To: Internet Interface or Direct Connect Interface (i.e.The interface where the default route is pointing - if it is not advertised over a direct connect, it will be the Internet Interface.). In this example, we do not have a DX connection to SDDC, so the rule is applied to the Internet Interface.
Note: If you have a default route advertised over a VPN, then you wouldn't be able to use the native Amazon Time Sync Service
### Open the command prompt in guest OS and execute the following commands. ###
2.Check the current status.
I would like you to mainly "Last Successful Sync Time" and "Source".
command :
w32tm /query /status
e.g :
Last Successful Sync Time : 12/25/2023 12:17:14 AM
Source: time.windows.com,0x8
3.Add route information for "169.254.169.123" in the guest OS.
command :
route -p add 169.254.169.0 mask 255.255.255.0 <Default Gateway IP address>
e.g :
route -p add 169.254.169.0 mask 255.255.255.0 192.168.100.1
OK!
4.NTP settings for "169.254.169.123".
command :
w32tm /config /manualpeerlist:169.254.169.123,0x8 /syncfromflags:manual /update
e.g :
w32tm /config /manualpeerlist:169.254.169.123,0x8 /syncfromflags:manual /update
The command completed successfully.
5.Re-check the current status.
command :
w32tm /query /status
e.g :
Last Successful Sync Time : 12/25/2023 12:20:20 AM
Source: 169.254.169.123,0x8