otosnede
Posted June 26, 2017

Router: pfSense 2.3.4 with two interfaces active
- WAN: DHCP
- LAN: 10.5.1.0/24
- Firewall rules to allow LAN to all

----> Forwarding port 443 (Synology VPN port) from WAN to LAN to a ---->

Wireless AP: Synology RT2600ac (in AP mode... no NAT or DHCP) - Product page: Synology VPN Plus
- IP on LAN: 10.5.1.2
- VPN is distributing virtual IPs in the 10.5.2.0/24 space

Things that work while on the mobile cell network and connected to the VPN:
- Able to access all the devices on the local LAN
- Can ping all devices on the LAN in the 10.5.1.0/24 space
- Can access a Plex server that only has LAN access on port 32400 at address 10.5.1.3
- Getting the correct DNS from the LAN (OpenDNS blocks banned URLs in the browser)

Things that don't work:
- The Sync iOS app will not connect to any of the peers on the 10.5.1.0/24 LAN

Things I've tried so far:
- Having the AP distribute virtual IPs in a reserved block in the 10.5.1.0/24 space - didn't work
- Forwarded the listening port of my always-on Sync box from the WAN to its IP on the LAN - didn't work
- Forwarded the Sync ports (3000, 3001, 4000) to the always-on box - didn't work
- Added a LAN firewall rule in pfSense to allow source 10.5.2.0/24 access to all - didn't work

As stated in the title, every box on my network running Sync has relays disabled on the shares themselves and in the power user settings... I want to be able to join the peers on the LAN direct while on the VPN so nothing ever has to go through a relay server... to that note, I tried enabling a relay server on one share on a LAN box, and then the iOS device was able to connect to that share and the LAN box showed that the iOS device was going through a relay.

I'm kind of lost as to what to try next and would love some suggestions!

otosnede
Posted June 28, 2017

- Port forward NAT rule added in pfSense, routing any hit on TCP/UDP port 33545 to forward to LAN address 10.5.1.3
- Corresponding WAN firewall rule added to allow any WAN incoming on port 33545 to pass to the local LAN address, 10.5.1.3, of the machine running Sync
- Machine at 10.5.1.3 running Sync 2.5.4 has a listening port set to 33545
- macOS Firewall on the machine has Resilio Sync added and incoming connections set to "Allow"
- Router and machine have been restarted several times throughout the troubleshooting process

The iOS device won't link to the Mac with my license on it... when I take a snapshot of the QR Code on the Mac, it just times out

Anyone know what can be causing it? I can connect to Plex on that same machine just fine.

Helen
Posted June 28, 2017

Your support ticket was replied to.

otosnede
Posted June 28, 2017

2 hours ago, Helen said:
> Your support ticket was replied to.

And unfortunately, the info in there didn't help, so I'm looking for more people that may have a similar setup.