Hi,

I would like to allow some devices to access WWW to synchronise their clock (NTP) but not give the full www access

My network is designed this way : 

A 4G rooter (Archer MR200) <=> A Firewall (TL-R600VPN) <=> a Wifi access point (300M Wireless N Range Extender) <=> Some wifi devices

The security at firewall level is : 

Default filter policy : " Deny the packets not specified by any access control policy to pass through the Router"

On the device I set the NTP server to "pool.ntp.org"

I created a rule with a target : Mode : "Domain Name" - Domain Name: "pool.ntp.org" / my provider DNS and attached this rule to the divice.

Unsuccessfully....  When I allow "any target", the device clock get synchronised but not with the target configured.

If anyone has a solution or even a clue ...

Thank you for your help and take care of yourself.