About NTP time synchronization on iOS

Induced errors with NTP time synchronization when using a VPN is a long time, well known problem. It can occur on any computer connecting via a VPN and relying on NTP services for time synchronization. It’s particularly common with non-enterprise grade VPN services (like a lot of the cheap VPN server providers that have started business lately).

The NTP sync cannot bypass the VPN either as that would make the VPN pointless. The whole point of a VPN is to route all traffic through the VPN and not allow any data to bypass that connection. It’s intended to completely wall off the device using the VPN from all traffic other than what is passed through the VPN.

The following differentiates VPNs used for connecting into a VPN server associated with a private organization's internal network, from commercial add-on VPN apps marketed to "protect" the first hop or three of the network connection. The former can be useful. The latter can be problematic.

Commercial VPN apps often do not do what many think they do, and can or do have features and capabilities that the VPN users might not realize or might not want. There's a reason these apps are massively advertised, too. Users' data is profitable, and VPN servers are perfectly positioned to collect and even to modify that traffic.

If you want or need protection against that first network hop and somehow cannot upgrade your connectivity to use the built-in HTTPS and SSL-related VPNs (a connection upgrade which should be implemented regardless of VPN usage), then running your own VPN server—the Streisand VPN server is one of various available examples—avoids worst of the mess at the VPN server. This approach also gets away from using the widely-known VPN credentials, which is a mess that allows for interception and decryption of the VPN traffic.

Pending any ability to load an NTP profile, use a DNS intercept for the domain. You're on a VPN. Use it. Intercept the traffic.

Leaking traffic off the VPN tends to be unpopular, and bogus time server time values do have security implications.

And yes, the VPN adds latency to the connection. Whether for sntp or otherwise.

Apparently Apple disagrees with you, but you can always submit feedback to Apple about it.

I also don’t know, but strongly suspect that an iPhone can use multiple data inputs to set its time, using GPS and/or cell phone towers when available.

If I disable wifi and cellular data on my iPhone, but leave date and time settings on “automatic” with location services enabled, my iPhone clock still stays perfectly sync’d with my GPS or NST radio time signal Citizen wrist watches and car’s GPS set clock, right down to the second. And I have done that experiment for several weeks or longer at times when traveling. So it must be able to utilize alternative data to NTP when no internet access is available, just as location services uses several possible data sources for location fixes.

Note that it's vitally important for most cellular phone networks for the device to have its clock synced to the cellular network, so odds are even if you could set it via NTP to the time source of your choice it would sync with your cellular provider anyway.

Using a VPN on an iPhone is completely pointless. It does nothing to protect your privacy. Exactly the opposite, in fact.