diff --git a/roles/easyredmine/files/timestamp-reply.xml b/roles/easyredmine/files/timestamp-reply.xml
new file mode 100644
index 0000000..dfeb975
--- /dev/null
+++ b/roles/easyredmine/files/timestamp-reply.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<icmptype>
+  <short>Timestamp Reply</short>
+  <description>This message is used to reply to a timestamp message.</description>
+  <destination ipv4="yes"/>
+  <destination ipv6="no"/>
+</icmptype>
diff --git a/roles/easyredmine/files/timestamp-request.xml b/roles/easyredmine/files/timestamp-request.xml
new file mode 100644
index 0000000..724b0e8
--- /dev/null
+++ b/roles/easyredmine/files/timestamp-request.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<icmptype>
+  <short>Timestamp Request</short>
+  <description>This message is used for time synchronization.</description>
+  <destination ipv4="yes"/>
+  <destination ipv6="no"/>
+</icmptype>
diff --git a/roles/easyredmine/tasks/firewall.yml b/roles/easyredmine/tasks/firewall.yml
index 2e53b1b..64ba79b 100644
--- a/roles/easyredmine/tasks/firewall.yml
+++ b/roles/easyredmine/tasks/firewall.yml
@@ -35,6 +35,26 @@
   notify: restart firewalld
   when: is_production_vm == True
 
+- name: define new icmp types for timestamp responses
+  copy: dest='/etc/firewalld/icmptypes/{{ item }}.xml'
+        src='{{ item }}.xml'
+  sudo: yes
+  with_items:
+    - timestamp-reply
+    - timestamp-request
+
+- name: load new icmp types for timestamp responses
+  command: firewall-cmd --reload
+  sudo: yes
+
+- name: disable icmp timestamp responses
+  command: firewall-cmd --permanent --zone=public --add-icmp-block={{ item }}
+  sudo: yes
+  with_items:
+    - timestamp-reply
+    - timestamp-request
+  notify: restart firewalld
+
 - name: restart firewalld
   service: name=firewalld
            state=restarted