Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Can I get a hand with a few port forwards please?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Can I get a hand with a few port forwards please? (Read 1172 times)
tawnytim
Newbie
Posts: 2
Karma: 0
Can I get a hand with a few port forwards please?
«
on:
June 13, 2023, 04:12:53 pm »
I'm the absolute WORST with firewall rules/NAT. I just cannot, under any circumstance, ever seem to pick the correct options with regards to interfaces and such.
I'm trying to complete the instructions found here:
https://mariushosting.com/synology-how-to-enable-https-on-dsm-7/
.
Can someone please explain how to set up the port forward rules?
Logged
xstreem
Newbie
Posts: 5
Karma: 0
Can I get a hand with a few port forwards please?
«
Reply #1 on:
June 14, 2023, 05:29:21 pm »
One question do you know what you are trying to do following that guide? Port forwarding is needed if you want to access a service, in this case Synology DSM, from outside your network. This is absolutely not recommended, because anybody that type your public-ip:5001 or your ddns-address:5001 will be in front of your login page. If you really want this I can help you as it is quite easy but again I don't recommend it. What I recommend is to connect via VPN and then simply access your synology Dsm using local-ip:5001 and this is the most secure way.
Inviato dal mio iPhone utilizzando Tapatalk
«
Last Edit: June 14, 2023, 08:16:47 pm by xstreem
»
Logged
chemlud
Hero Member
Posts: 2488
Karma: 112
Re: Can I get a hand with a few port forwards please?
«
Reply #2 on:
June 14, 2023, 06:12:21 pm »
A user that doen't know how to have a port forward most likely doesn'T know how dangerous it is to have port forwards. The VPN way is the only way to go in such a situation...
Logged
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare
felix eichhorns premium katzenfutter mit der extraportion energie
A router is not a switch - A router is not a switch - A router is not a switch - A rou....
xstreem
Newbie
Posts: 5
Karma: 0
Can I get a hand with a few port forwards please?
«
Reply #3 on:
June 14, 2023, 08:15:41 pm »
Well but he said he is not expert that is no problem I was preliminary informing him, then if he wants to go for that it is easy and possible, but as you and I said not recommended
Inviato dal mio iPhone utilizzando Tapatalk
«
Last Edit: June 14, 2023, 08:19:47 pm by xstreem
»
Logged
Cyberturtle
Jr. Member
Posts: 63
Karma: 5
Re: Can I get a hand with a few port forwards please?
«
Reply #4 on:
June 14, 2023, 08:58:26 pm »
I’m using a Synology NAS too. First, I‘d suggest only forward the HTTPS port of the DSM. Furthermore you need your IPv4 address and if you want dual stack access IPv6 host part should be stored as an alias.
I can provide some screenshots tomorrow if needed. I only had to configure the NAT port forward and IPv6 WAN in rule.
You should create a static lease entry in your DHCP static mappings for your Synology device.
Logged
RamSense
Hero Member
Posts: 595
Karma: 10
Re: Can I get a hand with a few port forwards please?
«
Reply #5 on:
June 15, 2023, 07:33:42 am »
to add on this, if you are running a service on your nas what must be connected to the internet, you could place it behind a proxy like nginx or HAproxy (plugins available on opnsense).
But i agree with the above to make your DMS itself only accessible with vpn.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Can I get a hand with a few port forwards please?