Network filter munges external device's Device-ID

kingqueen · March 31, 2023, 6:02pm

I live in a care home and connect via their Internet connection. It has some filtering on it. (Fortinet?)

I have an external VPS on which I have installed Syncthing. But when I try to connect any device to it (desktop, laptop, 2x smartphones) when they are on the care home’s Internet connection, it fails.

Here’s what appears in the Syncthing interface on things that I attempt to connect to the VPS.

tcp://[VPS IP]:22000

unexpected device id, expected QJVENDW-C4E4WUT-WPIJNRK-3S77N25-7VGLB6O-6NEVI7Y-INZJJ77-XXXXXXX got NGUVQFR-XQGVXP7-SCCRH2F-ULM6YIB-6PKUBUF-LFXYLAK-OCJ4QNX-XXXXXXX

I’ve tried using a different port - 22001 - and the same thing happens.

If I connect laptop, mobile phones to a different Internet connection - e.g. mobile Internet - it all works just fine, and everything syncs.

So I’m assuming something in this hokey Internet connection provided by the care home messes with Syncthing.

Have you come across anything like this before please?
Is there a way of getting round it?! (I don’t want to have to permanently VPN)

Thank you

Doug

calmh · March 31, 2023, 6:08pm

It seems like a TLS-inspecting proxy is in use, which is essentially a man-in-the-middle attack. Syncthing is designed to be resistant again this, i.e., there is no work-around in Syncthing. You need to get a clear path to the other side, via a VPN, a firewall or proxy exclusion, etc.

kingqueen · March 31, 2023, 6:17pm

Much appreciated, thank you ever so much - and for an excellent piece of software.

Ah. This is another reason to avoid the home’s Internet. I think I may resurrect my Starlink connection.

system · April 30, 2023, 6:17pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.