RT2600ac Router blocking Chrome Remote Desktop

Currently reading
RT2600ac Router blocking Chrome Remote Desktop

3
0
Router
  1. RT2600ac
Operating system
  1. Windows
Mobile operating system
  1. iOS
Hi,

I recently bought a refurbished RT2600ac on ebay. I set it up yesterday and I absolutely love it, its miles ahead of everyone else despite being so old.

The issue that I have is I am trying to dial in to my home PC via Chrome RD but the router keeps blocking the connection, something about threat detected, gain privileges, drop packets, etc.

I need to figure out how to get this to work any ideas on how to set this up properly so it works?

PS: I it needs to be Chrome RD, all other methods/VPN is blocked on my company network, Chrome RD is the only thing they haven't blocked.

Thanks!
 
Hi, welcome to the forum.

You have Threat Prevention enabled and it would seem Chrome RD is triggering it. You can add custom rules in TP to alter how it behaves for specific signatures / source IP / destination IP. If your company has a static IP then you could add a rule that allows access from here.

As for things that the corporate firewall may allow, you might find that there are open ports for web proxy (8080 etc). If you can find an open port and it's not being inspected for application aware usage then you might be able to use TCP 21 (FTP) for other services. It's a bit trial and error.

Once you have found an open port you could use VPN Plus's SSL-VPN to access the home LAN. Synology has just announced the VPN Plus licences are to remain free.
 
Upvote 0
Hi, welcome to the forum.

You have Threat Prevention enabled and it would seem Chrome RD is triggering it. You can add custom rules in TP to alter how it behaves for specific signatures / source IP / destination IP. If your company has a static IP then you could add a rule that allows access from here.

As for things that the corporate firewall may allow, you might find that there are open ports for web proxy (8080 etc). If you can find an open port and it's not being inspected for application aware usage then you might be able to use TCP 21 (FTP) for other services. It's a bit trial and error.

Once you have found an open port you could use VPN Plus's SSL-VPN to access the home LAN. Synology has just announced the VPN Plus licences are to remain free.
Hi,

I think it would be easier for me to just disable TP and try again, will do it tonight.

I would rather not fiddle with the company network and scan the open ports, just now I get a call from corporate that I don't want to deal with.

Google/Chrome/RD is fairly innocuous and innocent looking.
 
Upvote 0
I would rather not fiddle with the company network and scan the open ports
I wouldn't scan ports either. Maybe try a few destination ports that may be expected to be open for normal users to the Internet. You'd have to set VPN Plus to be listening on the port first so you know it works, then browse to it. It's easier to do this while WFH via the company VPN!

I think it would be easier for me to just disable TP and try again
I'd aim to keep TP enabled in the long run. Even if that means changing the action to Alert/Do Nothing for the few rules that are blocking Chrome RD. But ideally I would look to see if the corporate gateway IPs can have their own rules to allow access while blocking this behaviour from the Internet at large.
 
Upvote 0
I wouldn't scan ports either. Maybe try a few destination ports that may be expected to be open for normal users to the Internet. You'd have to set VPN Plus to be listening on the port first so you know it works, then browse to it. It's easier to do this while WFH via the company VPN!


I'd aim to keep TP enabled in the long run. Even if that means changing the action to Alert/Do Nothing for the few rules that are blocking Chrome RD. But ideally I would look to see if the corporate gateway IPs can have their own rules to allow access while blocking this behaviour from the Internet at large.
I tried setting the action to 'do nothing' and it appears to have done nothing because Chrome RD still wont connect. I will try re-install it on my home pc later after work and see if i can get it to work. and yeah could do it on WFH on the VPN.
 
Upvote 0

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

I've narrowed it down further. Part of the story is that I couldn't log into my NAS in the normal way...
Replies
3
Views
629
Welcome to the forum. Go to the Forums list, then scroll down to find the router section...
Replies
1
Views
257
  • Question
The self-signed certificate is created just to enable secure services to work. But you can create a new...
Replies
1
Views
565
ok, just ordered a tp link 2.5g for $29 on amazon. Figured it a brand name and I only need 1g so...
Replies
8
Views
1,180

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top