Fortinet NTP Configuration

                                                            

For an accurate time, use an NTP server to set the system time. Synchronized time facilitates auditing and consistency between expiry dates used in the expiration of certificates and security protocols.

Basically, there are three-step you can follow:-

Configure the correct time zone.
One can also configure custom NTP servers that the FortiGate will use to synchronize its own time.

From GUI you can add a maximum of 1 server but from CLI you can add up to 2.

From the GUI go to System > Settings > System Time and select Synchronize with NTP Server. 

By default, this causes FortiOS to synchronize with Fortinet's FortiGuard secure NTP server.

For a custom NTP server, you have to add the below configuration.

This is only configurable from the CLI:

Fortigate-01#config system ntp

#set type custom
#set ntpsync enable
#config ntpserver
#edit 1
#set server <IP address or hostname>
##next
#edit 2
#set server <IP address or hostname>
#end

To verify the synchronization status from the FortiGate using “diag sys NTP status”.

Below is an example using FortiGuard servers as NTP source:

Fortinet-01 # diag sys NTP status

synchronized: yes, ntpsync: enabled, server-mode: enabled