If all IP phones and the IPPBX within the company cannot access the external network, but they have configured an default SNTP server to obtain time, and the SNTP server is on the external network, this results in these devices being unable to auto-obtain the correct time. In this case, we can install an NTP server on the local network that can access to the external network, so that all phones and the IPPBX can obtain the correct time through this NTP server.

 

We assume debian 12 as one example, and iso is from here:

https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-12.8.0-amd64-netinst.iso

 

The steps are as follows:

1. please ssh to debain 12 as root, and input the commands to install ntp service:

apt install ntp

2. we can change the config file:

nano /etc/ntpsec/ntp.conf

pool 0.cn.pool.ntp.org iburst

pool 1.cn.pool.ntp.org iburst

pool 2.cn.pool.ntp.org iburst

pool 3.cn.pool.ntp.org iburst

Here we can use many external ntp server or keep them default. As usual, choosing a closer pool server based on geographical location can improve synchronization accuracy, and here we choose China location.

 

server 127.127.1.0

fudge 127.127.1.0 stratum 10

It means in addition to configuring the external NTP servers, a local pseudo NTP server is also configured. The system will only use the local clock as the final time source when all external time sources are unavailable.

 

#restrict default kod nomodify nopeer noquery limited

restrict default ignore

By default, all access is denied.

restrict 10.168.1.0 mask 255.255.254.0 nomodify notrap

It means it will just allow the devices in specific network segments(10.168.0.0/23) to access NTP services.

The remaining settings can keep as default.

 

3. After finish changing, please input the command to restart the service:

systemctl restart ntpd

 

4. we can input the command to check the detailed information of the external ntp servers:

ntpq -p

*Indicates the primary time source currently selected for time synchronization.

 

5. we can test the ntp settings of IP phones now:

Here we can find that before enabling the SNTP service, the phone time is incorrect and manually set.

After enabling SNTP server + inputting the local ip of debian 12 + choosing the correct time zone,  click Apply button.

The phone time is correct now.

When submitting settings on the phone, we can also capture packets on the phone and discover the information exchange between the phone and the NTP server.