I can't get the cameras time synced

IAmATeaf said:
To be fair post #10 but Whoaru99 mentioned this
Click to expand...

Ah yes thank you for pointing that out. Now there is a photo also just in case others read over it. :)

Just another mention I am using google time servers as mikeynags suggested to avoid any future issues:
time.google.com
time.2.google.com
time.3.google.com
time.4.google.com

I did not open any 123 ports on window firewall but I did add nettime folder to exclude in the firewall. I am not sure if this is necessary.

THANKS AGAIN EVERYONE.
 
Just an FYI for anyone reading this thread.

If you're using hikvision cameras on a hikvision nvr, the cameras need to be set to manual time, with the nvr set to receive the time from the ntp server of your choice with the appropriate DST settings.

The nvr will push its time to the cameras, which can lead to issues if the cameras are set to DST and receiving an already DST adjusted time from the nvr. If you turn DST off on the cameras, you'll find their time jumping around every time they sync to the ntp server and have the time pushed to them from the nvr.
 
  • Like
Reactions: TL1096r and Q™
@mikeynags has helped me tremendously. He narrowed it down to firewall blocking it.

Shut off windows firewall it works. Turn it on but exclude nettime.exe and won't work. What settings will allow this to work with nettime?

Do I have to change inbound/outbound rules and if so what would the setting look like for anyone that did this?

Thanks
 
TL1096r said:
Do I have to change inbound/outbound rules and if so what would the setting look like for anyone that did this?
Click to expand...

You may want to read through all of the posts to this topic and try again.
TL1096r said:
Shut off windows firewall it works. Turn it on but exclude nettime.exe and won't work. What settings will allow this to work with nettime?
Click to expand...

NTP time servers work within the TCP/IP suite and rely on User Datagram Protocol (UDP) port 123. If turning off Windows Firewall resolves your issue then you need to configure Windows Defender Firewall to allow UDP port 123. I'm not certain if you need to open an inbound or an outbound port on your NetTime server...I'd open both ports: inbound and outbound...

Create an Inbound Port Rule (Windows 10)

Thumbsmiley20.gif
 
  • Like
Reactions: TL1096r
Q™ said:
You may want to read through all of the posts to this topic and try again.


NTP time servers work within the TCP/IP suite and rely on User Datagram Protocol (UDP) port 123. If turning off Windows Firewall resolves your issue then you need to configure Windows Defender Firewall to allow UDP port 123. I'm not certain if you need to open an inbound or an outbound port on your NetTime server...I'd open both ports: inbound and outbound...

Create an Inbound Port Rule (Windows 10)

Click to expand...

Thanks for the link. I did follow it and that is where I am at. I just need to make a rule.

Does anyone know specifics on how I should set it up. Example of questions being asked as making a custom rule:
-Local port or Remote port: 123?
-Any IP or these ip addresses?
-Specify profiles to which this rule applies-check mark next to each one:
domain
private
public


So I did a inbound rule - port 123 - UDP - it seems to work but just want to check with pros here if this was necessary or leaves you open to any vulnerabilities?


I did see this post but not much detail to it so I just wanted to confirm before I make the wrong setting on Windows Firewall:
Whoaru99 said:
Did you confirm there is Windows firewall rule allowing incoming connections to port 123? I had to make that a rule on my W10 machine.

FWIW, there isn't any need to wait a long time to see if it works. Just change the NTP update interval in one of your cameras to a couple minutes.
Click to expand...
 
Last edited:
TL1096r said:
it seems to work but just want to check with pros here if this was necessary or leaves you open to any vulnerabilities
Click to expand...

Well then. I'm not a pro. But I do know that unless you've exposed a machine on your LAN to the internet by port forwarding (or allowed Universal Plug & Play UPnP to open a WAN port) you've more to worry about from a Phishing expedition than opening a NTP local port.

 
Q™ said:
Well then. I'm not a pro. But I do know that unless you've exposed a machine on your LAN to the internet by port forwarding (or allowed Universal Plug & Play UPnP to open a WAN port) you've more to worry about from a Phishing expedition than opening a NTP local port.

Click to expand...


:)

Thank you.
 
You must log in or register to reply here.
Top Bottom