Firewall ports?

cocowalla · August 5, 2015, 2:48pm

I’m planning on using Syncthing to backup to a cloud VM. Essentially I’m going to use it for continuous backup.

I’ve opened TCP port 22000 on the remote VM, but after adding the device IDs to both the local and remote systems the VM still shows ‘Disconnected’ on my local machine.

Not sure if it’s relevant, but I am tunneling through a local SOCKS proxy on my machine, with traffic forwarded to port 22000 on the VM.

I see these errors on the local machine, but nothing on the remote VM:

“[EE24R] 15:43:58 INFO: TLS handshake: WSARecv tcp 127.0.0.1:59022: An existing connection was forcibly closed by the remote host.”

I don’t need to open port 22000 on both machines do I?

blondangel · August 5, 2015, 3:41pm

I also have the ‘forcibly closed by remote host’ as well. All my syncthing devices are within a local LAN and I have global discovery turned off (all of my devices stay within my home); only the local discovery is on.

However, my router is an apple airport express and it’s known not to be UPnP-friendly. Any settings or ports that I should manually set up? I didn’t forward port 22000 because none of my devices are outside of my local network. Is this correct?

Appreciate the help.

AudriusButkevicius · August 5, 2015, 4:05pm

So syncthing is not backup, as nuking files in one place will most likely nuke them in all places.

If you are proxying your traffic through a proxy, the global discovery address advertised most likely is incorrect.

I suggest you use stfinddevice from syncthing-utils from build.syncthing.net to see what is the end-result ip address and port which arrives at the discovery server, and adjust accordingly to make it right.

If this is for local discovery, you need multicast broadcast support which probably does not work over a proxy.

AudriusButkevicius · August 5, 2015, 4:05pm

That implies the connection was made. You should check the error log on both sides to see why one side decided to disconnect.

cocowalla · August 5, 2015, 7:18pm

If you mean ‘syncthing.log’, it doesn’t contain anything that wasn’t in the console windows.

cocowalla · August 5, 2015, 7:20pm

Sorry, not sure what this means? I’m specifying the IP addresses of remote VM in the config on my local machine, so not sure why I’d need to do any kind of discovery?

cocowalla · August 5, 2015, 7:41pm

Ah, it seems I’d forgotten to open port 22000 in Windows Firewall on the remote VM

It looks to be working now.

I must be a bit too used to applications opening it themselves via UPnP. Sure enough, there was a message in the remote console saying ‘No UPnP device detectedNo UPnP device detected’.

Zillode · August 6, 2015, 5:58am

UPnP should work, see Help a noob with 'No UPnP device detected' and Tips on how to make UPnP work for help. Please report your results.