Question Firewall and NTP - help me read this rule

Currently reading
Question Firewall and NTP - help me read this rule

21
3
Router
RT2600ac
I've enabled the NTP service on the router so that certain devices can use it.

Is this rule needed and is it allowing outside sources into the network?
2019-11-23_18-06-48.png
 

fredbert

Moderator
NAS Support
Subscriber
1,310
550
Operating system
macOS
Mobile operating system
iOS
Personally I don't run the NTP service on the router but on both my NAS (which sync to Internet NTP). I then direct SRM to use the backup NAS as its NTP server. If the Internet goes down and I need to reboot the router (which is more often the case when trying to troubleshoot or refresh after an outage) it will have a NTP service available. If I recall right, using 2-step verification can be time dependant and my SRM admin uses 2-step.

Your firewall rule is set to allow any device, LAN or Internet, to access your router for NTP, so I'd delete it. Likewise the disabled rule below it ... I would restrict web access to the SRM to local devices only. You can run VPN Plus and allow users to first authenticate using that and then they can using the SRM LAN IP to access the web portal.
 
Last edited:
21
3
Router
RT2600ac
Thank you, I didn't think it should be there but was confused when enabling the service it was suggested. The rule below is disabled as well. Thank you,
 

fredbert

Moderator
NAS Support
Subscriber
1,310
550
Operating system
macOS
Mobile operating system
iOS
I saw the second rule was disabled, but mentioned it just in case you were thinking to enable it :)
 
21
3
Router
RT2600ac
It was but saw that I didn't need it. Thank you though. I know these rules are basic in comparison to other firewalls but it's very interesting learning process. Especially when it comes to making sure that the outside can't reach certain devices.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Top