Could not connect to relay (relay id does not match)

Hi, I’ve been using Syncthing for some months now, both on my home computers and on a computer hosted on another network. They all run Linux Ubuntu and the same Syncthing version 1.15.1.

Today, the one hosted on another network stopped connecting to any relay, with tons of errors of this shape:

11:10:50 INFO: Could not connect to relay relay://185.75.118.191:22067/?id=76YEZAL-OK7AU6U-XVQ7DUE-IBKJADO-BALTQWP-KLWRB3H-F6CLE7W-4BQ2SQD&pingInterval=1m0s&networkTimeout=2m0s&sessionLimitBps=0&globalLimitBps=0&statusAddr=:22070&providedBy=: relay id does not match. Expected 76YEZAL-OK7AU6U-XVQ7DUE-IBKJADO-BALTQWP-KLWRB3H-F6CLE7W-4BQ2SQD got BMY6CW7-XBK5PVQ-QAQNBSB-YX4ZKQB-4IDGF7L-3CF2Q62-P3NIBMC-AXADXAZ

In the past, I never had such problems.

When I start Syncthing (on the remote computer) I get these messages, which look OK to me (or do they show some kind of problem?):

11:10:31 INFO: quic://0.0.0.0:22000 detected NAT type: Symmetric UDP firewall
11:10:31 INFO: quic://0.0.0.0:22000 resolved external address quic://150.217.32.151:22000 (via stun.syncthing.net:3478)
11:10:38 INFO: Detected 1 NAT service

Or is something wrong with the firewall (which I never touched in the meantime)?

I also tried removing the .config/syncthing folder, but I still get the same problems.

Any clue of what could be wrong, please?

thanks in advance

Do you have a relay hardcoded? The relay changed its certificate so it doesn’t work anymore. Usually it just connects to the next available relay.

If not, then something is doing a MITM attack by swapping the certificates on the connection as it happens.

I never set the relay explicitly… how can I check whether that’s hardcoded?

It should be set as one of the listen addresses. It might be that this relay errored and it just picked the next one.

OK, so in that case no: it has “default”

Right, I guess in that case it’s just a warning, assuming the other device also has it as default.

In any case my home device and the remote device cannot connect…

If different relays all show this message, you most likely have a firewall trying to inspect TLS traffic, which can prevent Syncthing traffic.
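Added example, not part of the original thread and not Syncthing's own code: a Syncthing device ID is the SHA-256 of the TLS certificate the peer presents, base32-encoded with Luhn-style check characters, so a middlebox that re-signs TLS produces a different ID than the `id=` pinned in the relay URL. This Python sketch recomputes the ID and compares it; the function names and `SAMPLE_DER` (constructed placeholder bytes, not a real certificate) are assumptions, while the ID and relay address are the ones quoted in the log line above.

```python
import base64
import hashlib
from urllib.parse import parse_qs, urlsplit

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"  # RFC 4648 base32
# ID and relay address as quoted in the log line above (URL shortened).
PINNED_ID = "76YEZAL-OK7AU6U-XVQ7DUE-IBKJADO-BALTQWP-KLWRB3H-F6CLE7W-4BQ2SQD"
RELAY_URL = f"relay://185.75.118.191:22067/?id={PINNED_ID}&pingInterval=1m0s"
# Constructed placeholder standing in for the DER certificate a peer presented.
SAMPLE_DER = b"constructed-bytes-standing-in-for-a-DER-certificate"


def luhn32(block: str) -> str:
    """Check character appended to each 13-character block of the ID."""
    total, factor = 0, 1
    for ch in block:
        addend = factor * ALPHABET.index(ch)
        factor = 1 if factor == 2 else 2
        total += addend // 32 + addend % 32
    return ALPHABET[(32 - total % 32) % 32]


def device_id(cert_der: bytes) -> str:
    """base32(SHA-256(certificate DER)) with check characters, dash-grouped."""
    raw = base64.b32encode(hashlib.sha256(cert_der).digest()).decode().rstrip("=")
    full = "".join(raw[i:i + 13] + luhn32(raw[i:i + 13]) for i in range(0, 52, 13))
    return "-".join(full[i:i + 7] for i in range(0, 56, 7))


def is_well_formed(dev_id: str) -> bool:
    """True if the ID is 56 base32 characters with correct check characters."""
    s = dev_id.replace("-", "").upper()
    if len(s) != 56 or any(c not in ALPHABET for c in s):
        return False
    return all(luhn32(s[i:i + 13]) == s[i + 13] for i in range(0, 56, 14))


def check_relay(relay_url: str, presented_der: bytes):
    """Compare the id= pinned in the relay URL with the certificate seen."""
    expected = parse_qs(urlsplit(relay_url).query)["id"][0]
    got = device_id(presented_der)
    return expected == got, expected, got


if __name__ == "__main__":
    ok, expected, got = check_relay(RELAY_URL, SAMPLE_DER)
    print("pinned ID well formed:", is_well_formed(PINNED_ID))
    print("expected:", expected)
    print("got:     ", got)
    print("match" if ok else "relay id does not match: certificate was replaced or relay re-keyed")
```

If the same "got" ID shows up for every relay, the certificate is being substituted on the path rather than by any one relay.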

All relays show that message, so then I guess there are some firewall things going on, over which I don’t have any control…

I solved the connection problem by using SSH tunneling, which is also super fast, so in some sense having the relay problems helped me discover a better solution I guess :wink:

thanks!
