Running Syncthing at work (non admin rights)

Hello all !

On my workstation (=non admin rights), I’ve tried to replace Portable Dropbox by Syncthing to access my current work folder at home. No wrapper (SyncTrayzor, SyncthingGTK) could be installed, of course. So I just launch the bare Syncthing executable. Issue: neither does it see to any of the other repos, nor could it be seen by them.

How can I look for what’s wrong, please?

Thanks

At work you are NATted, at home you probably are too. Can you add a host inbetween which is not, and see if the connection works?

Ahem… Sorry to say I’m not that technical. How to do this ?

The portable versions will work (if Syncthing-GTK has a portable version, I’m not sure. Portable SyncTrayzor will work fine at least).

Portable SyncTrayzor was the first I tried. To no avail (it requires .Net Framework 4.5, which I cannot install). I don’t think SyncthingGTK has a portable version but I gave the normal version a go. It requires python27.DLL, which I cannot install either. :confused:

Did you use syncthing with a device outside your home network before?

If not, you should check UPnP or manual Port Mapping in your home firewall.

If you had a device working successfully outside your home network, it could be, that your company firewall is blocking outgoing traffic. Dropbox used the default HTTPS port (443) which is “never” blocked. But syncthing uses other ports, which might be blocked.

Ah fair enough, that’s a shame.

@wweich Yes. My smartphone, my tablet, my laptop, my NAS and my VPS are constantly in sync. This could be a port issue, as you suggested.

So is it possible to make Syncthing use this port ? (just a random thought that might sound nooby, I have no idea if & how it makes sense…)

If you have no HTTP(S) Server running at home (on that machine, or which is accessibly from the internet) you can change the address for the sync protocol in the main syncthing settings.

I changed mine to listen to the default 0.0.0.0:22000 plus the one which is needed to get through my company firewall, resulting (in your case) in 0.0.0.0:22000, 0.0.0.0:433

You should disable UPnP and set up the port forwarding in your home router manually, as UPnP will probably not map 443 externally.

I don’t know if global discovery will work with both adresses. I entered my second port + dyndns address in the device config on the node at work.

1 Like

The global discovery will announce the UPnP mapped port if UPnP was successful, otherwise the first of your listen address ports.

An annoying thing here might be that you need to root/admin or have magic capabilities set to be able to listen on port 443…

(This is something we’re currently considering with the relay service btw.)

Yea, didn’t think about that. My “special company firewall” port is above 1023 ;).

So, if you have dyndns and only want the workaround for your office computer, I would suggest the following.

  • Set listening port for sync protocol to something like 0.0.0.0:22000, 0.0.0.0:22001
  • Disable UPnP
  • Open the following two ports in your home router:
  •    22000your-pc:22000
  •    443your-pc:22001
  • At work, set the device address of your home pc to your-dyndns-address:443

Port 22000 will be announced in global discovery and port 443 can be used as workaround.

1 Like