I need to deploy Syncthing within my corporate network. The corporate network is set up to implicitly deny all URLs unless required. So I have to whitelist the URLs and ports that are required.
I have gone through the Syncthing documentation and whitelisted the following below on Sophos XG
You need to permit connections to the discovery servers.
Then, do you need to connect to a Syncthing outside the firewall? If so you need to permit the outgoing connection to that device, or to a relay server. If it’s just on the inside of the firewall you should be fine as-is.
Relays are not HTTP, so there are no URLs. Ports are also not fixed, as these are chosen by users providing the relay, so it can be anything. By default it’s 22067, but some provide it on 443, some provide it on some other random port.