In this video, we will guide you through the setup and configuration of the built-in firewall in Disk Station Manager (DSM). So we will start by trying to explain what a firewall is, and why you might want to enable it.
We will then take a look at how you actually configure the firewall on your NAS. Along with taking a look at creating multiple rules that you will need to enable in order to get basic services on your NAS working again.
Note: Just a quick heads up about the firewall on our NAS. It’s like a bouncer that keeps an eye on all the incoming and outgoing data on our NAS. So, while you don’t need to turn it on, it can be a handy tool to prevent any sneaky devices inside our home network from trying to make unauthorised connections to our NAS.
Note: As your NAS may not have been configured in the same way as the NAS seen in this video. Please note that if you enable the Firewall on your NAS. Access to your NAS might be effected until you have correctly configured your Firewall. So if you accidentally lock yourself out of your NAS. You will need to perform a Mode one soft reset which will disable the firewall, but leave your applications and data intact.
Log into Disk Station Manager (DSM) with administrators privileges.
Select Control Panel – Connectivity – Security – Firewall.
Within General, check the tick box next to Enable Firewall.
Enable Firewall notifications.
Create a Firewall Profile.
Select Edit Rules.
Create your Firewall rules.
Suggested Firewall rules to create:
Application
Ports
Protocol
Source
Action
Management UI
5000,5001
TCP
All
Allow
Synology Assistant
1234, 9997, 9998, 9999
UDP
All
Allow
Windows File Server
137, 138, 139, 445
TCP
All
Allow
WS-Discovery
5357, 3702
TCP/UDP
All
Allow
Bonjour
5353
TCP
All
Allow
Web Station, Photo Station Audio Station
80, 443
TCP
All
Allow
DLNA/UPnP Media Server
50001, 50002, 1900
TCP/UDP
All
Allow
Video Station
9025 – 9040
TCP/UDP
All
Allow
All
All
All
All
Deny
Notes: Make sure that the Firewall rule, Management UI is always at the top of your list of rules. Management UI is the service that allows you to access the DSM from within a web browser. If ManagementUI is below your Deny All rule. You will not be able to access the settings on your NAS.
After creating your rules select Apply.
You now need to test that you are still able to access all of the application and services that you have installed on your NAS.
Add comment