Syncthing Not Connecting

The Problem

Syncthing devices show as "Disconnected" in the web UI. Folders display "Out of Sync" or "Waiting to Connect." Devices that previously synced stop communicating, or newly added devices never establish a connection.

Updated March 2026: Verified with latest Docker images and configurations.

Common error messages in the Syncthing log:

Connection to DEVICE-ID at tcp://192.168.1.100:22000 refused
Relay connection failed: dial tcp relay.syncthing.net:443: i/o timeout
Discovery: no addresses returned

The Cause

Syncthing uses three connection methods in this priority order:

Direct connection — TCP on port 22000 (default) between devices on the same LAN or port-forwarded through NAT
Relay — Through Syncthing relay servers when direct connections fail
Discovery — Global discovery servers to find device addresses, plus local discovery via broadcast

Connection failures happen when:

Firewalls block port 22000 (TCP) and/or 21027 (UDP for local discovery)
NAT/router configuration prevents incoming connections
Relay servers are unreachable (corporate networks, restrictive ISPs)
Device IDs are mismatched between peers
Syncthing is bound to the wrong network interface

The Fix

Method 1: Fix Firewall Rules (Most Common)

On the server running Syncthing, open the required ports:

# UFW (Ubuntu/Debian)
sudo ufw allow 22000/tcp comment "Syncthing file sync"
sudo ufw allow 21027/udp comment "Syncthing local discovery"

# firewalld (Fedora/RHEL)
sudo firewall-cmd --permanent --add-port=22000/tcp
sudo firewall-cmd --permanent --add-port=21027/udp
sudo firewall-cmd --reload

For Docker deployments, ensure the ports are mapped in your Docker Compose:

services:
  syncthing:
    image: syncthing/syncthing:2.0.15
    ports:
      - "8384:8384"     # Web UI
      - "22000:22000/tcp"  # File sync (TCP)
      - "22000:22000/udp"  # File sync (QUIC)
      - "21027:21027/udp"  # Local discovery

Method 2: Fix NAT/Router Configuration

If devices are on different networks, port forward on your router:

Log into your router admin panel
Forward port 22000 TCP to your Syncthing server's LAN IP
Forward port 21027 UDP for discovery (optional but helps)
Forward port 22000 UDP for QUIC connections (optional, improves performance)

Verify the port is reachable from outside:

# From another network
nc -zv your-public-ip 22000

Method 3: Force Relay Connections

If direct connections aren't possible (both devices behind strict NAT), verify relay access:

Open Syncthing web UI → Actions > Settings > Connections
Ensure "Enable Relaying" is checked
Ensure "Global Discovery" is enabled
Default relay servers: default (uses Syncthing's public relays)

Test relay connectivity:

curl -s https://relays.syncthing.net/endpoint | head -5

If your network blocks outbound connections to relay servers (port 443), you may need to configure a corporate proxy or use a VPN.

Method 4: Verify Device IDs

Mismatched device IDs prevent connections entirely:

On Device A: Actions > Show ID — copy the full device ID
On Device B: Add Remote Device — paste Device A's ID exactly
Repeat in reverse (Device B's ID on Device A)
Both devices must accept each other

Method 5: Check Listen Address

If Syncthing is bound to a specific interface:

Go to Actions > Settings > Connections
Check "Sync Protocol Listen Addresses"
Default is default which listens on all interfaces
If set to a specific IP (e.g., tcp://192.168.1.100:22000), ensure that IP is correct and reachable

Prevention

Use the default listen address unless you have a specific reason to bind to one interface
Keep relay enabled as a fallback even if you primarily use direct connections
Set up port forwarding on your router for at least one device per network
Monitor connection status in the Syncthing web UI — the "Connections" tab shows which method each device uses
Use Syncthing's built-in NAT traversal (enabled by default) — it handles UPnP and NAT-PMP automatically if your router supports them