Port forwarding - direct sync between 2 computers

[Lollipoppingu]

Good morning,
I can't find a solution to this "problem".

I have a computer in the office (always on) and a computer at home.
Right now I'm synchronizing some data and on Resilio I find the message that the Relay server is used.

From what I understand it is used when it is not possible to use a direct connection (on the same network).
What I'm wondering is, is it possible to always use a direct connection?
From what I understand, I have to open the ports on the office and home routers.

I found this guide but didn't understand anything:
https://help.resilio.com/hc/en-us/articles/204754759-What-ports-and-protocols-are-used-by-Sync-

What ports should I open on the routers?
Thank you all.

[Frank Maier]

You can disable the use of relay servers for each folder:

https://help.resilio.com/hc/en-us/articles/204754779-What-is-a-Relay-Server

Then you can add the static IP of your office computer to the known hosts:

https://help.resilio.com/hc/en-us/articles/205458125-Folder-Preferences

That way you don't need relay server and don't need tracker servers.

 

And finally you can try to open the ports until it works. What exactly don't you understand in the guide?

[Lollipoppingu]

1 hour ago, Frank Maier said:

You can disable the use of relay servers for each folder:

https://help.resilio.com/hc/en-us/articles/204754779-What-is-a-Relay-Server

Then you can add the static IP of your office computer to the known hosts:

https://help.resilio.com/hc/en-us/articles/205458125-Folder-Preferences

That way you don't need relay server and don't need tracker servers.

 

And finally you can try to open the ports until it works. What exactly don't you understand in the guide?

Hi Frank,
Thanks for the reply.
Unfortunately in the office I cannot set a static IP, is it possible to do the procedure without it?

[Frank Maier]

Without a static IP you have to use the tracker servers. But you still can disable the relay server, but have to make sure, that the required ports can be opened. Which is normally the case in consumer routers. However, if your office system uses some kind of more secure firewall, you'll have to open the required ports manually. Ideally you only forward these ports to your specific computer IP.

So, according to the guide from resilio:
1. https: Do you use some kind of content filtering at your office by using a proxy server? If not, then nothing to do here.
2./3. In your Resilio Sync settings, "advanced" there's a port. You have to forward this port (both TCP and UDP) to your local computer IP, on both networks.

[eltopo]

You should try to set up some sort of VPN so your computers can make direct connection over the internet. The easiest way is running an SSH server on your home computer's port 443 (most likely your office firewall will allow the office computers access an external IP's port 443 (https)), then from your office computer, make an SSH tunnel with proper port forwarded to the other end of the tunnel (i.e., your home computer running RSL), your office computer then can simply use localhost:port to make direct connection to your home computer.

[Andy+]

There is a feature request that describes the problem, because there ist no feature for that:

https://forum.resilio.com/topic/72159-relay-server-for-port-443-https-80-http/

As a rule, it is not possible to communicate from company networks except via ports 80 and 443, i.e. http:// and https://. Since VPN also uses its own addresses/ports, VPN operation is usually blocked.

It is clear that Resilio cannot handle this in any case, so in the past I used ownCloud or something like that, which only uses these ports. If you want to unify this, you can currently only use another P2P software that can. Otherwise, the only thing that helps is to wait until Resilio adds the aforementioned possibility in the relays.

Resilio advertises a workaround via config, but it doesn't work, so any further attempt is fruitless.