Help with Error

I am trying to install Sync on a server at my office that renders reports every 4 hours and pushes them to a folder. The idea is that I can sync the folder to my phone and laptop so when I am not in the office I can read them. My server is Windows server 2012 and my laptop is Win 7 and Ubuntu. Have not tried on the phone yet but I cannot see the server from wither laptop. I checked the logs and this is what I see after a restart:

[EDIW7] 12:44:44 INFO: Detected 0 NAT services
[EDIW7] 12:44:54 INFO: Relay listener (dynamic+https://relays.syncthing.net/endpoint) shutting down
[EDIW7] 12:44:54 INFO: Relay listener (dynamic+https://relays.syncthing.net/endpoint) starting
[EDIW7] 12:44:54 INFO: c.S.listenerSupervisor: Failed service 'dynamic+https://relays.syncthing.net/endpoint' (1.000000 failures of 2.000000), restarting: true, error: "{dynamic+https://relays.syncthing.net/endpoint dynamic+https://relays.syncthing.net/endpoint} returned unexpectedly", stacktrace: [unknown stack trace]
[EDIW7] 12:44:59 INFO: Couldn't fetch release information: Get https://upgrades.syncthing.net/meta.json: dial tcp 82.196.13.137:443: connectex: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
[EDIW7] 12:44:59 INFO: Automatic upgrade: no version to select
[EDIW7] 12:45:02 INFO: Couldn't fetch release information: Get https://upgrades.syncthing.net/meta.json: dial tcp 82.196.13.137:443: connectex: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
[EDIW7] 12:45:15 INFO: Relay listener (dynamic+https://relays.syncthing.net/endpoint) shutting down
[EDIW7] 12:45:15 INFO: c.S.listenerSupervisor: Failed service 'dynamic+https://relays.syncthing.net/endpoint' (1.615513 failures of 2.000000), restarting: true, error: "{dynamic+https://relays.syncthing.net/endpoint dynamic+https://relays.syncthing.net/endpoint} returned unexpectedly", stacktrace: [unknown stack trace]
[EDIW7] 12:45:15 INFO: Relay listener (dynamic+https://relays.syncthing.net/endpoint) starting
[EDIW7] 12:45:36 INFO: Relay listener (dynamic+https://relays.syncthing.net/endpoint) shutting down
[EDIW7] 12:45:36 INFO: c.S.listenerSupervisor: Failed service 'dynamic+https://relays.syncthing.net/endpoint' (1.994575 failures of 2.000000), restarting: true, error: "{dynamic+https://relays.syncthing.net/endpoint dynamic+https://relays.syncthing.net/endpoint} returned unexpectedly", stacktrace: [unknown stack trace]
[EDIW7] 12:45:36 INFO: Relay listener (dynamic+https://relays.syncthing.net/endpoint) starting
[EDIW7] 12:45:57 INFO: Relay listener (dynamic+https://relays.syncthing.net/endpoint) shutting down
[EDIW7] 12:45:57 INFO: Entering the backoff state.
[EDIW7] 12:45:57 INFO: c.S.listenerSupervisor: Failed service 'dynamic+https://relays.syncthing.net/endpoint' (2.227601 failures of 2.000000), restarting: false, error: "{dynamic+https://relays.syncthing.net/endpoint dynamic+https://relays.syncthing.net/endpoint} returned unexpectedly", stacktrace: [unknown stack trace]

Not really sure how to proceed here?

EDIT: I have tried turning off the firewall and the AV on both sides to make sure it isn’t blocking anything.

EDIT2: And the laptops (Win 7 and Linux) can see each other.

This looks like either the machine firewall or a corporate firewall/requirement for a proxy.

Thanks Audrius. I have turned off all machine firewalls. We do have a corporate FW but I cut a NAT for the server with ports TCP 22000 and UDP 21027 and still no joy. What is it exactly I need to contact and maybe I can white list that URL/IP? I really want to see this work!

UPDATE: I found out we are blocking the Netherlands, which is where the domain it is trying to reach out to is located. Unblocked it and still cannot connect.

Relays are not mandatory of the port is properly available on the public internet. But if you are getting the error then whatever whitelisting you did, did not work. So perhaps the same is affecting discovery and the actual tcp connection being available on the internet.

The two ports are forwarded. We have a Meraki firewall that blocks entire countries so I am wondering if it is reaching out to one of the blocked countries for something required to run? I am installing on another server now to see if I get the same results.

Post screenshots of the web UI please.

See screenshots below. Installed it on a 2016 server on same network with the exact same results. I have no problem changing the FW to accomadate, but not sure what changes to make?

Can you access https://relays.syncthing.net?

If yes, do you have an HTTP proxy setup in IE settings (internet settings in control panel)?

No I cannot. When I resolve that IP it shows it is hosted in Amsterdam, Netherlands so I white listed all of the Netherlands and still cannot reach the site. Is it hosted in another country and just forwarded via the Netherlands?

Discovery 3/5 is good, means global discovery at least should work. What does it say when you expand the remote devices (screenshot).

(I am not addressing the location/FW/IP stuff, as I neither know much about it nor do I believe it has any point. If you have such strict requirements, disable relaying and set up your own global discovery.)

It says they have never been seen. And from the device side it says the same.

That was expected, but what’s not is that it didn’t discovery any addresses. However probably my following assumption was bad: I thought “Discovery 3/5” meant that ipv6 discovery is not working. However in your case it probably is global discovery (v4 and v6) not working. You can check by clicking on it. If this is the case, you’re back to figuring out your networking/firewalling.

Anyways, I think you need to tame your firewall, clearly whatever you did is not working as you’ve proven yourself. Not sure we can help you much here.

I have nothing to add here except

:confounded: … why? Pretty much all our infrastructure, including our forum, lives there. It’s a rather harmless country, internet-wise, I’d think.

We don’t block any country until it attacks the servers. Then the country gets blocked unless we do business there. One bad apple…

IPv6 is enabled in the network adapter and supported by the FW. I know Resilio forked from this project so I installed it to see if it would work and it did. I don’t want to use Resilio because I believe in Open Source tools and am tired of closed ecosystems. Will keep trying things to see if I can get it to work. Can anyone provide more info about the ports and how they work? I read the Firewall FAQ in documentation and opened the UDP and TCP ports listed there.

If you insist on this nonsense, then either run your own discovery server (on a provider outside of the Netherlands…) or connect your devices with static IPs (i.e. in the advanced tab of device settings, add the static IP address).

Right now the country is not blocked and it is still not working. Will look up how to connect with static IP’s.

Solution: After running Wireshark to determine why this was not working with the Netherlands whitelisted I found the issue was with the server itself. It has 4 network cards and they are in a “teaming” configuration so no matter what you tried to use for routing it sent out one interface and would receive on another. Set up another server this morning and as soon as it came up all worked well as long as the Netherlands was white listed. I am pretty sure you can blacklist any country and just use static relay addresses if necessary, but have not gotten that far yet.