firewall rule vs port forwarding

Topics pertaining to SRM usage, usability and management
Forum rules
We've moved! Head over to Synology Community (community.synology.com) to meet up with our team and other Synology enthusiasts!
pergola.fabio
Student
Student
Posts: 76
Joined: Thu Jul 12, 2018 7:42 pm

firewall rule vs port forwarding

Unread post by pergola.fabio » Fri Jul 13, 2018 1:53 pm

hi

i have a simple setup , and a simple question

if you do port forwarding, for example 80 webserver , or 32400 plex ...
do you also need for each port forwarding a firewall rule to allow that traffic?

because in the firewall settings, at the botton , there is an option (default setting)
If IPv4 Wan-TO SRM traffic macthes no rules = deny

i want to leave it on deny offcourse

Babylonia
Virtuoso
Virtuoso
Posts: 1305
Joined: Tue Jul 26, 2016 10:47 am

Re: firewall rule vs port forwarding

Unread post by Babylonia » Fri Jul 13, 2018 2:13 pm

If you set to "deny" at the bottom, firewall rules are denied for services that are port forwarded.
EDIT: Sorry, just the other war round. You have to set to "Allow"
In that case port forwarding rules do have a more high priority, than firewall rules itself.

But why didn't you just check yourself? Test can be done very easily, and you know.
Last edited by Babylonia on Fri Jul 13, 2018 2:17 pm, edited 2 times in total.
RT1900ac / DS213j / DS415+ / DS218+ (at different locations).

pergola.fabio
Student
Student
Posts: 76
Joined: Thu Jul 12, 2018 7:42 pm

Re: firewall rule vs port forwarding

Unread post by pergola.fabio » Fri Jul 13, 2018 2:14 pm

ow, now i see that there is also a option in firewall
If IPv4 WAN-to-LAN = ALLOW (default option)

so if i set that to DENY , i need to create a rule probably for each service?
if leave it to ALLOW? then i dont need to make firewall rules

1) what is the best approach? DENY and create rules? or ALLOW and not create rules , what are the effects?
2) whats the difference between IPv4 WAN-to-LAN and IPv4 WAN-to-SRM ?
is SRM only used for remote management on the router itself?

Babylonia
Virtuoso
Virtuoso
Posts: 1305
Joined: Tue Jul 26, 2016 10:47 am

Re: firewall rule vs port forwarding

Unread post by Babylonia » Fri Jul 13, 2018 2:21 pm

pergola.fabio wrote:
Fri Jul 13, 2018 2:14 pm
is SRM only used for remote management on the router itself?
You can ad a harddrive, and use it as a sort of "NAS", use VPN services, media-server....

For further general questions just first read within the Synology Knowledge-base, and Help pages.
Also there are a lot of Tutorial video's found within the Knowledge base, that answer general based questions already.
https://www.synology.com/en-global/support
Last edited by Babylonia on Fri Jul 13, 2018 2:30 pm, edited 1 time in total.
RT1900ac / DS213j / DS415+ / DS218+ (at different locations).

pergola.fabio
Student
Student
Posts: 76
Joined: Thu Jul 12, 2018 7:42 pm

Re: firewall rule vs port forwarding

Unread post by pergola.fabio » Fri Jul 13, 2018 2:29 pm

ok, thnx

Locked

Return to “Installation and Configuration”