wallacemarino
Occasional Visitor
One IP connection 'bridged' across 2 hardware RJ45 ports for increased transfer speeds. A supported feature for this Synology NAS.
NAS security help.
- Thread starter wallacemarino
- Start date
-
- Tags
- firewall nas advice security
Use non-standard ports, so bot traffic will not constantly hit it.
Also if your router supports it, set up your port forward to only allow traffic from your work's IP address. This is possible with Asus routers, don't know about other manufacturers.
I use these two methods here to secure remote access to my own NAS (to which I have a VPS dropping weekly backups over FTP).
Also if your router supports it, set up your port forward to only allow traffic from your work's IP address. This is possible with Asus routers, don't know about other manufacturers.
I use these two methods here to secure remote access to my own NAS (to which I have a VPS dropping weekly backups over FTP).
dosborne
Very Senior Member
Usually, and presumably in this case, also known as port trunking or port aggregation, depending on the manufacturer.
L&LD
Part of the Furniture
For the NAS at home used as a backup, I'm sure that is not needed. Particularly if it is the only device on the network.
At your business though, are you seeing improvement from the Port Trunking/Aggregation? If not, I would disable it there too.
I am pretty sure that what you have is faster than even an RT-AC68U or RT-AX88U can do over OpenVPN.
Your RT-AC86U at the office is the limiting factor.
Your best way forward is to get OpenVPN working on both of your NAS'.
dosborne
Very Senior Member
Not sure about Synology specifically,but in general, the vpn implementation in the NAS units I've seen sucks, is old, and full of vulnerabilities, degrades performance, few options. I stick with running it on the router (best placed to protect your network) or move it to its own hardware such as the RPi4.
L&LD
Part of the Furniture
I think these units may be above both our initial expectations. 
www.snbforums.com
NAS security help.
Hi all. I'm new here, so apologies if this is posted in the wrong place. I recently added a Synology NAS to my home network. It has a dedicated IP that is entirely detached from all my other network hardware. The NAS is used as a backup server for an identical unit at my business address and...
www.snbforums.com
wallacemarino
Occasional Visitor
Thanks again for your input. You may be correct about the aggregation on my home unit. The aggregation on the business unit is necessary though for sufficient bandwidth to serve video to multiple edit machines at once.
TBH I'm not too bothered about the transfer speed between units currently, my focus is ensuring my home unit is secure.
ShagBark
Occasional Visitor
number 4 below might be a winner. just posting some changes I made on my NAS that I can see.
1 Merlin mentioned non standard ports.
2 disable the default admin user and create a new admin. You can use 64 characters for user if you'd like
3 enable the auto block.
4 allow/block IPs.
1 Merlin mentioned non standard ports.
2 disable the default admin user and create a new admin. You can use 64 characters for user if you'd like
3 enable the auto block.
4 allow/block IPs.
Similar threads
Similar threads
Similar threads
Latest threads
-
Cannot upgrade asuswrt-merline firmware from 3004.388.9_2
- Started by wandererm
- Replies: 1
-
-
Voxel Custom firmware build for R9000/R8900 v. 1.0.4.85HF- Started by Voxel
- Replies: 0
-
Asus use different code for production and public GPL tarballs
- Started by Banxian
- Replies: 3
Support SNBForums w/ Amazon
If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!