VPN & Access Control with Network Services Filter

PunchCardBoss

Occasional Visitor
Non-Profit Organization LAN Office Setup:
  • Router: AX88U (LAN 192.168.99.1) running AsusWRT 3.0.0.4.388_20558 FW
  • Printer: Konica Minolta model 308 (LAN 192.168.99.35)
    • Printer Port number: 9100
  • Synology 920+ NAS (LAN 192.168.99.50)
    • NAS File Services Port #: http=7000; https=7001
  • Other LAN devices: some PC, and MacOS
  • Remote Users: some PC, and MacOS with Konica Minolta LAN printer drivers loaded.
Objective:
  • Allow remote LAN printing of documents residing on the Synology Server with PC, and MacOS devices.
  • Control remote VPN access to Synology File Services and Printer only for security purposes.
For the purposes of this post, I am considering OpenVPN
  • Port number assigned: 55559 (I know the default port number for OpenVPN is 1194)
  • VPN IP address: 10.10.0.8
DENY filter (educated guess)

| Source IP | Source Port | Destination IP | Destination Port | Protocol | Notes |
|---|---|---|---|---|---|
| | 55559 | | 1:6999 | TCP | Deny ports < 7000 |
| | 55559 | | 7002:9099 | TCP | Allow 7000 & 7001 |
| | 55559 | | 9101:65535 | TCP | Deny ports > 9100 to max |

Will this work to DENY VPN communication packets (Source) for all LAN (destination ports) except the NAS file services ports 7000, 7001 and printer port 9100?
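
An added example, not part of the original post: a small Python model of the deny table above that lists which destination ports stay reachable for a given source port and protocol. It assumes a rule matches only when every filled-in field matches and that unmatched traffic passes; how AsusWRT applies the table to VPN traffic is not modeled, and source port 50123 is a constructed sample.

```python
# Added example: models the DENY table from the post as data and evaluates
# sample packets against it. Assumptions (not from the post): a rule matches
# only when every non-blank field matches, and unmatched packets pass.
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass(frozen=True)
class Rule:
    src_port: Optional[int]      # None = blank field, matches any port
    dst_ports: Tuple[int, int]   # inclusive range, "1:6999" -> (1, 6999)
    proto: str

# The three rows of the post's deny list.
DENY = [
    Rule(55559, (1, 6999), "TCP"),
    Rule(55559, (7002, 9099), "TCP"),
    Rule(55559, (9101, 65535), "TCP"),
]

def denied(rules, src_port, dst_port, proto="TCP"):
    """True if any deny rule matches the packet."""
    for r in rules:
        if r.proto != proto:
            continue
        if r.src_port is not None and r.src_port != src_port:
            continue
        if r.dst_ports[0] <= dst_port <= r.dst_ports[1]:
            return True
    return False

def open_ports(rules, src_port, proto="TCP"):
    """Destination ports 1..65535 that no deny rule covers."""
    return [p for p in range(1, 65536) if not denied(rules, src_port, p, proto)]

def ranges(ports):
    """Collapse a sorted port list into inclusive (lo, hi) ranges."""
    out = []
    for p in ports:
        if out and p == out[-1][1] + 1:
            out[-1] = (out[-1][0], p)
        else:
            out.append((p, p))
    return out

if __name__ == "__main__":
    print("src 55559, TCP:", ranges(open_ports(DENY, 55559)))
    print("src 50123, TCP:", ranges(open_ports(DENY, 50123)))  # constructed port
    print("src 55559, UDP:", ranges(open_ports(DENY, 55559, "UDP")))
```

Under these assumptions the table leaves only TCP 7000, 7001 and 9100 open for packets whose source port is 55559, while packets with any other source port, and all UDP, match no rule.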
 