Menu
Cart

Beginner’s Guide to Synology Firewall Rules: Why Firewall Rules Matter on a Synology NAS

A Synology NAS is a place where important business or personal data is often stored. It can be accessed from local networks, remote offices, or the internet. If the firewall rules are not set up correctly, the NAS could be open to unauthorized access, brute-force login attempts, or bad traffic.

Beginners can use the built-in Synology firewall to decide who can access the NAS and which services are available. When set up correctly, it is one of the best first lines of defense for your backup and storage space.

What the Synology Firewall Really Does

The Synology firewall controls the traffic that comes into the NAS. It looks at each connection request and decides whether to let it through or block it based on the rules you set.

Firewall rules can sort traffic by:

  • IP address or range of IP addresses
  • Region or country
  • Network connection
  • Port or service

The rules are checked in order, from top to bottom, until a match is found.

Understanding the Rules for Allow and Deny

  • The rules for Synology firewalls are easy to understand but very useful.
  • Allow rules let traffic through that meets certain conditions.
  • Deny rules stop traffic that meets certain conditions.

A common mistake for beginners is to let everything through and then add a few deny rules. It’s safer to let trusted access and deny everything else.

How to Find Firewall Settings in DSM

To get to the firewall rules:

  • Sign in to DSM
  • Open the Control Panel
  • Go to Security
  • Click on the Firewall tab

You can turn on the firewall and start making rules from here.

Explaining the Basic Structure of Firewall Rules

Most of the time, each firewall rule has:

  • Source IP: The address of the traffic’s source
  • Ports or Services: What services are being used
  • Action: Give permission or deny it

For instance, you might only let DSM access from your office’s IP range and block all other sources.

Setting up a firewall is easy for beginners

For beginners, a safe starting configuration includes:

Rule 1: Let people on the local network access

Allow access from your internal LAN, like this:

192.168.1.0/24
This makes sure that all of the trusted devices in the area can get to the NAS.

Rule 2: Let trusted people access your computer from afar

If you need to access something from afar:

  • Allow certain public IP addresses
  • Or let VPN subnet ranges through
  • Don’t let “any” external IP in unless you have to.

Rule 3: Block All Other Traffic

  • Add a last rule that blocks all other traffic.
    This makes sure that only connections that are clearly allowed can reach the NAS.
  • The order of the rules is important. The deny-all rule needs to be at the very bottom.

Blocking by country

Synology lets you set firewall rules based on where you are in the world. Beginners often use this to keep traffic from places where they don’t work.

Country-based rules are not a full security solution, but they do:

  • Lower background noise and scanning attempts
  • Add another layer of safety

Don’t accidentally block real users or services.

Firewall Rules and Services That Are Common on Synology

Firewall rules have an impact on a lot of NAS services, such as:

  • Access to DSM on the web
  • Sharing files (SMB, AFP, NFS)
  • Drive from Synology
  • Services for backups
  • Media servers

Check the rules to see if the port or service is allowed if a service stops working after you turn on the firewall.

Things Beginners Often Do Wrong

  • Not letting people on the local network
  • Putting deny rules above allow rules
  • Blocking ports that are needed for backups or sync services
  • Letting all traffic through “temporarily” and never locking it down
  • Making changes without checking access

Always check access after making a change, and if possible, do it from both local and remote locations.

How Firewall Rules Help with Backup and Security

Firewall rules are very important for keeping safe:

  • Protect backups from ransomware attacks
  • Access to DSM for administrators
  • Connections for cloud and off-site replication

Firewall rules make NAS security much better when used with strong passwords, two-factor authentication, and regular updates.

When Firewall Rules Don’t Work

The Synology firewall is strong, but it shouldn’t be the only way to keep your computer safe. For larger or business-critical environments, you may need:

  • Access through a VPN
  • Dividing up the network
  • Centralized alerts and monitoring
  • A professional security check

Firewall rules work best when they are part of a bigger plan for security.

About the Technology of Epis

Epis Technology helps businesses protect their data, set up their IT infrastructure, and get the most out of their NAS environments by offering Synology consulting services. The company focuses on setting up Synology systems, designing firewalls and network security, making sure backups are safe, and keeping an eye on system health. Epis Technology helps clients lower their risk while still being able to access their Synology systems reliably by setting up firewall rules that are easy for beginners to understand but still professionally structured.

Related Posts