Use case is that previously migrated all Aria Operations for logs nodes to particular host, configured ESXi host to be the NTP server then set up affinity rules with VM/Host groups so that the Aria Operations for Logs VMs stay on the particular host to address latency issues.  Now want to now configure a new NTP server in Aria Operations for Logs. 

When adding the NTP server found that

• Testing the connectivity between Aria Operations for Logs and the ESXi host fails, to check run the command curl -v telnet://###.###.###.###:123 
• The /storage/core/loginsight/var/runtime.log shows errors similar to below when testing the connection for the new NTP configuration

  [2025-04-02 17:28:25.157+0000] ["CheckPerformer-thread-1"/###.###.###.### WARN] [com.vmware.loginsight.prodcheck.lib.NTPSyncCheck] [
  Time synchronization cannot be confirmed.
  Check availability and health of the NTP servers.

Aria Operations for logs 8.18.x

vCenter 7.x and later

There are some firewall rules that are restricting the NTP from communicating on port 123 because of which one esxi host is failing to sync time with Aria Operations for Logs

Regrouped and created affinity rules to exclude that problematic ESXi host as per documentation Create a VM-Host Affinity Rule