ESXi NTP test fails with error Configuration is not working normally

Article ID: 442868

Products

VMware vSphere ESXi

Issue/Introduction

  • In the vSphere Client, navigating to a host and selecting Configure > System > Time Configuration > TEST SERVICES results in the following error message:

    Configuration is not working normally

  • When establishing an SSH session to the affected ESXi host and checking the Network Time Protocol (NTP) synchronization status with the ntpq -p command, the reach value is displayed as 0. A reach value of 0 indicates that the ESXi host has not received a reply to any of its last eight consecutive NTP polls of the configured upstream time server.

    Sample ntpq -p output displaying the communication failure:

         remote           refid      st t when poll reach   delay   offset  jitter
    ==============================================================================
    <NTP_IP_Server>  .INIT.          16 u    -   16    0    0.000   +0.000   0.000
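
The reach check described above can be scripted over saved ntpq -p output. The following is an added example, not part of the original article or of any VMware tooling; the function name ntp_reach_report and the sample peers (documentation addresses) are constructed for illustration, and it assumes awk is available in the shell where it runs.

```shell
# Added example (not from the KB article): summarize the reach column of `ntpq -p`.
# reach is the octal display of an 8-bit shift register; each set bit marks
# one of the last eight polls that was answered by the server.
ntp_reach_report() {
    # stdin:  raw `ntpq -p` output
    # stdout: <remote> reach=<octal> replies=<n>/8 <status>
    # exit status: 1 if any peer has reach 0, otherwise 0
    awk '
        /^[ \t]*=+[ \t]*$/ { body = 1; next }   # peer rows follow the ===== rule
        !body || NF < 10   { next }             # skip header and short rows
        {
            reach = $(NF - 3)                   # reach is 4th column from the right
            if (reach !~ /^[0-7]+$/) next       # not an octal value: ignore row
            n = 0
            for (i = 1; i <= length(reach); i++) {
                d = substr(reach, i, 1) + 0     # one octal digit = three bits
                n += (d % 2) + (int(d / 2) % 2) + int(d / 4)
            }
            if (n == 0)      { status = "UNREACHABLE"; bad++ }
            else if (n == 8) { status = "OK" }
            else             { status = "PARTIAL" }
            # $1 is printed as-is, including any leading tally code (*, +, -)
            printf "%s reach=%s replies=%d/8 %s\n", $1, reach, n, status
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample (documentation addresses), not captured from a real host.
SAMPLE=$(cat <<'EOF'
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 192.0.2.10      .INIT.          16 u    -   16    0    0.000   +0.000   0.000
*192.0.2.20      .GPS.            1 u   12   64  377    0.412   +0.031   0.020
+192.0.2.30      192.0.2.20       2 u   40   64   17    1.105   -0.210   0.090
EOF
)
printf '%s\n' "$SAMPLE" | ntp_reach_report || echo "at least one peer has reach 0"
```

A PARTIAL result (for example reach 17, four of eight polls answered) points to intermittent loss rather than a complete block, which is worth noting before escalating to the network team.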

Environment

VMware ESXi 8.x

Cause

The ESXi VMkernel interface cannot exchange NTP traffic on UDP port 123 with the configured upstream NTP server because of a network communication failure, an intermediate firewall block, or a missing routing path.

Resolution

To isolate and verify network-layer connectivity between the ESXi host and the NTP server, execute the following diagnostic steps via the ESXi command-line interface (CLI):

  1. Verify ICMP connectivity from the specific management VMkernel interface (typically vmk0) to the NTP server IP address:

    vmkping -I vmk0 <NTP_server_IP>

  2. Capture and review active network traffic on UDP port 123 to confirm whether the ESXi host is transmitting requests and whether the upstream server is returning replies:

    tcpdump-uw -c 5 -n -i vmk0 host <NTP_server_IP> and port 123

  3. If vmkping fails or tcpdump-uw shows outbound packets without corresponding inbound responses, engage your network administration team to inspect intermediate physical firewalls, routers, and ESXi firewall rules to ensure bidirectional traffic is permitted over UDP port 123.