Synology DS918+ & Netgate 2100
-
@johnpoz I think you NAILED it - My assumption is if I disable firewall in my NAS this should work - Let me try this and get back
-
@johnpoz It worked!!!! Thanks a ton to ALL for help - Sonos can see my library!!!
-
@netboy Just to be clear, just because I have mine disabled, doesn't mean its a good idea for your network.. You have to make that decision based on your own concerns for the security of your network..
But this shows you for sure it was firewall on your NAS, so depending on your needs/concerns you may want to re-enable it and set appropriate rules for your neeeds.
-
@johnpoz I completely understand....my NAS is on the trusted network (LAN1) and any user on LAN2 has ONLY read priviledges....I do understand
-
@netboy Another question....
When my NAS firewall was ON, how come my kodi which is on LAN2 was able to access my shares in the NAS?
-
@netboy from what you posted you have 2 different Ips on your nas - so depending on what IP you were hitting, and what the firewall was setup to allow, etc.
-
@johnpoz My kod is on LAN2 (172) and my "secondary" LAN in synology has a LAN2 ip address. So both are in the SAME network and naturally my kodi was able to access the shares (firewall was on in synology) but I do not have any special configuration in my nas (allow or block in my synology NAS firewall is not configured). I do have some "applications" like audio, video etc configured on my synology nas that all source IPs can access.
My question is how kodi (with nas firewall ON) can access my shares and not SONOS? btw kodi and sonos are on the same LAN2 subnet.
Obviously synology is blocking but I am unable to figure this out
-
@johnpoz said in Synology DS918+ & Netgate 2100:
This wouldn't really have anything to do with accessing your nas from your PC.. But it would have to do with your PC being accessed by other things on your network.. When in public mode, firewall is going to be more restrictive for inbound traffic, etc..
FWIW I would normally agree but Bitdefender for instance blocks printing to a public network, because otherwise the PC may detect and try to install drivers off an untrusted printer/print server. In any case that wasn’t the issue here.
-
@SteveITS said in Synology DS918+ & Netgate 2100:
Bitdefender
Did I miss where he said he was running bitdefender, and not just default windows firewall?
-
@johnpoz said in Synology DS918+ & Netgate 2100:
Bitdefender
I agree with PC but sonos is direct smb connection to nas - bitdefender does not come into this picture....Similarly Kodi is direct connection to nas using smb. Kodi works but not sonos.....I am pulling my hair and unable to figure this out
-
@johnpoz no, read as “third party a/v, for instance Bitdefender.” I would hope most do…? It was a thing to check, that’s all.
Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
Upvote 👍 helpful posts! -
@SteveITS agree for sure.. I just didn't recall seeing that he was running any sort of 3rd party security software on his pc.. But sure - depending what security software your running the setting of private/public could come into play with more than just inbound connections into the pc, etc..
-
@SteveITS I am showing my firewall rules in my nas where kodi works but sonos did not . BTW the firewall is ON in nas. My kod is in a different box and not using pc. I am "removing" pc from the picture
-
@netboy hey,
is that listing complete? For I cannot see any allow for CIFS there...
Can you go and try out setting CIFS to allow and then try again with your sonos system? :) -
@the-other said in Synology DS918+ & Netgate 2100:
Can you go and try out setting CIFS to allow and then try again with your sonos system? :)
Wow that worked!!! Sonos can see the shares NOW with NAS firewall ON - So much shit and flavors about various protocols gets one confused!!! Thank you very much
-
@netboy btw...you have some rules on your NAS with "source all" and such...might think about either disabling the firewall altogether or define those rules...but thats just my 2 cents... :)
Glad that worked out for you...strange that your kodi can reach via smb/cifs...is there another ruleset for the kodi machine? Is CIFS allowed there? -
@the-other said in Synology DS918+ & Netgate 2100:
is there another ruleset for the kodi machine?
No
-
@the-other said in Synology DS918+ & Netgate 2100:
btw...you have some rules on your NAS with "source all" and such...might think about either disabling the firewall altogether or define those rules...
These are synology apps (for quick connect so that I can access outside my LAN) - Do you see any issues?
-
@netboy
No, no issues. It must work for you and your needs...
I just don't use QC (quickconnect). Pfsense works here as my VPN server, so whenever I really need to get on my NAS from outside my network, I just use VPN and all is well. No need for extra rules.
But I have rules on my NAS for LAN. Depending on clients (mobile, pc) and only those service ports open that are truly needed for that kind of client. Everything else is closed (no rule equals forbidden). So I do not really work with source any but use either IPs or IP ranges (for IPv4 and v6, here with ULAs). Works like a charm and is an extra to pfsense's work on a larger scale... ;) -
@the-other Does VPN work as smooth as quick connect to say streaming your shares OUTSIDE your network (using synology apps) ? I am going to assume NO - Especially "surveillance station" - VPN I assume will bog it down
