Info Port forwarding rules not have to generate firewall rules

Currently reading
Info Port forwarding rules not have to generate firewall rules


NAS Support
DS1520+, DS218+, DS215j
  1. RT2600ac
  2. MR2200ac
  3. RT6600ax
  4. WRX560
Operating system
  1. macOS
Mobile operating system
  1. iOS
I just noticed the Setting button on the General tab of Network Center's Port Forwarding page.

Throwing caution to the wind I clicked it and found three options. Two are for UPnP and I have UPnP disabled, but the third, when enabled, will auto-generate firewall rules for the port-forwarders.

I would say that most times this is useful provided you normally want to accept any source IP communicating with the local destination. It's easy to add a restrictive rule and then an any/any/deny below it which will stop the auto-rule from being hit. Of my port-forwarders I've got one out of nine rules that I do this. But if you normally apply restrictions to port-forwarded service then disabling this Settings option is probably a good thing to keep the firewall policy clean.

I have lots of restriction rules at the top of my firewall policy that does the pre-filtering for all services.

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

The thread when the RT6600ax was announced. Much talk about the one 2.5 GbE port...

Welcome to! is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads