I asked this over on reddit but didn't really get the info I needed, so hoping the experts at this new forum will be able to help
I've recently setup a VPN on my RT2600ac router with SSL VPN and OpenVPN (not sure why I setup both, I guess I'm just playing around as I'm new to VPNs).
I want to setup firewall rules, ideally for both my RT2600ac and DS1019+ so that externally the only things to get through would be through the VPN, and be able to access things on my local LAN such as DSM, web UIs for Docker containers I'm running (Home Assistant, Sonarr, Resilio Sync etc.)
I've tried setting up rules and already locked myself out of my NAS once, so thought I'd try and get help from people who actually know about this
Here's what I've created for the RT2600ac
My hope is to only allow traffic through the VPNs, and then only allow traffic from the dynamic IP range of the VPNs (maybe these aren't needed at all?)
And here's what I've created for the DS1019+
Trying to allow access to DSM and it's various apps, but only via the LAN (through the local IP range), and externally through the VPN.
I haven't actually enabled the 'DENY ALL' rules to stop everything else yet as I'm trying not to lock myself out (again).
Do these rules look as though they should achieve what I'm trying to do?
I've recently setup a VPN on my RT2600ac router with SSL VPN and OpenVPN (not sure why I setup both, I guess I'm just playing around as I'm new to VPNs).
I want to setup firewall rules, ideally for both my RT2600ac and DS1019+ so that externally the only things to get through would be through the VPN, and be able to access things on my local LAN such as DSM, web UIs for Docker containers I'm running (Home Assistant, Sonarr, Resilio Sync etc.)
I've tried setting up rules and already locked myself out of my NAS once, so thought I'd try and get help from people who actually know about this
Here's what I've created for the RT2600ac
My hope is to only allow traffic through the VPNs, and then only allow traffic from the dynamic IP range of the VPNs (maybe these aren't needed at all?)
And here's what I've created for the DS1019+
Trying to allow access to DSM and it's various apps, but only via the LAN (through the local IP range), and externally through the VPN.
I haven't actually enabled the 'DENY ALL' rules to stop everything else yet as I'm trying not to lock myself out (again).
Do these rules look as though they should achieve what I'm trying to do?