Question Firewall and NTP - help me read this rule

Currently reading
Question Firewall and NTP - help me read this rule

I've enabled the NTP service on the router so that certain devices can use it.

Is this rule needed and is it allowing outside sources into the network?
2019-11-23_18-06-48.png
 
Last edited:
Personally I don't run the NTP service on the router but on both my NAS (which sync to Internet NTP). I then direct SRM to use the backup NAS as its NTP server. If the Internet goes down and I need to reboot the router (which is more often the case when trying to troubleshoot or refresh after an outage) it will have a NTP service available. If I recall right, using 2-step verification can be time dependant and my SRM admin uses 2-step.

Your firewall rule is set to allow any device, LAN or Internet, to access your router for NTP, so I'd delete it. Likewise the disabled rule below it ... I would restrict web access to the SRM to local devices only. You can run VPN Plus and allow users to first authenticate using that and then they can using the SRM LAN IP to access the web portal.
 
It was but saw that I didn't need it. Thank you though. I know these rules are basic in comparison to other firewalls but it's very interesting learning process. Especially when it comes to making sure that the outside can't reach certain devices.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

OK. I don't bother with QuickConnect for my router, there's nothing running on it that others need to have...
Replies
6
Views
1,356
I have setup from zero, thanks for trying to help. Thread can be closed now.
Replies
6
Views
1,862
Just asking again if more in-depth information or rules are available than link posted. I keep creating...
Replies
1
Views
1,227
Now I'm not looking on my phone.... The best you can do is to split the single 192.168.1.0/24 subnet and...
Replies
6
Views
2,056
  • Question
You can allow US traffic, and deny all else. That effectively denies all non-US traffic, and is superior...
Replies
13
Views
1,981
ofc you can test the rules when they're setup. Ping from any device to any device within your LAN - ping...
Replies
11
Views
1,310
Deleted member 5784
D

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top