Reverse Proxy - Access Control Profile

Topics including remote access and management can go here, including port forwarding, telnet, ssh, and advanced network settings.
Forum rules
1) This is a user forum for Synology users to share experience/help out each other: if you need direct assistance from the Synology technical support team, please use the following form: ... p?lang=enu

2) To avoid putting users' DiskStation at risk, please don't paste links to any patches provided by our Support team as we will systematically remove them. Our Support team will provide the correct patch for your DiskStation model.
I'm New!
I'm New!
Posts: 7
Joined: Sun Feb 21, 2016 8:21 pm

Reverse Proxy - Access Control Profile

Unread post by ziptbm » Mon Aug 13, 2018 5:56 am

I recently discovered the Access Control Panel feature in the Application Portal option within settings. The documentation in the KB is rather lacking, so I haven’t been able to properly config access to only my local devices.

In the Accssz Control Profile options, setting the first rule to my VPN IP with “allow” and second IP as “Any” with “deny” makes any reverse proxy using that proxy only accessible via the VPN IP. If I want this configuration, but also want access when on the same local network, what value do I put into the “IP or CIDR” field?

I’ve tried all combinations I can find, but nothing works for whitelisting this. My local network is 10.0.0.x, so I have tried sever CIDR addrssses (, /25, /8, etc), but nothing seems to enable my scenario. If I set the second rule to my actual IP (ISP and dynamic), it works as expected. Problem is my IP changes and I can’t put a DDNS url as it wants numbers only (accept ‘all’). I’ve also tried localhost as an option, but the system won’t take it.

Any ideas or suggestions for enabling a profile that allows for access To the app from VPN or from my home network?

Post Reply

Return to “Remote Access and Network Management”