Problems with Global Discovery when using a VPN —SOLVED—

It’s exactly the same issue as I described, most likely you don’t have port forwarding setup to punch out of the VPN, hence why the connection fails. One of your devices on the VPN responds to be a router (hence it tries UPnP).

The fact that your VPN service said something doesn’t mean it’s true. I use syncthing within a VPN and it works fine, you just need to know what you are doing.

After connecting to VPN and setting up port forwarding for the protocol port, get your public address (whatsmyip.com or something) and from another machine, that is not on the VPN, try connecting to the protocol port of the machine in the VPN. If that succeeds, syncthing would succeed too, if that doesn’t succeed, your port forwarding is setup incorrectly.

OK, so you are suggesting that the VPN port forwarding is not functioning correctly…

There is not a lot I can do to change how my VPN service provider forwards ports. I presume the company knows what they are doing! They are professionals after all. The Port is forwarded using their service

I have asked at their forum as well… explaining that syncthing needed the port forwarded, and that I forwarded the required Port on their website, tested this port using their software, recieved a confirmation that the port is reachable, but I still have problems with this port; they have not responded yet…

@kreischweide Adrian Rudnik Have you tried the port forwarding solution as well? that your VPN provides? it would be great if one of us at least got this working!

Indeed, I see. Yes it tries and fails, as it’s over IPSec which does not support broadcasts/multicasts (which includes UPnP) i guess, so the multicast/broadcast/upnp gets dropped. This would require at least a manual port forwarding. This would also explain why Syncthing does not find the other instance in the same subnet. Maybe even try a GRE compatible VPN like PPTP.

No longer at work, can try tomorrow :smile:

–I left the Global Discovery Servers at default –I gave each machine a unique Port number under the Sync Protocol Listen Address –I forwarded both of those Ports using the VPN Client Area… I ran the VPN tcp test, and it said the Ports are reachable… –I added the Ports to my IPtables list (on the Linux machine) (I turned the Firewall off on the Windows machine & on the router, so nothing would interfere with my testing…) –I manually forwarded the ports on my router… & restarted,

I turned on the VPN, at first I thought it was not working… But, I was not waiting long enough for it! (…because when the VPN was turned off; both machines would connect pretty much straight away!) DOH! both machines seem to connect now, but first, after a small delay of under 5 minutes!

–Thanks for all the Help and Advice