Question SRM Firewall help

Currently reading
Question SRM Firewall help

  1. RT2600ac
My current setup:
I have a SRM2600ac router and a couple of Netgear switches, one is a PoE switch for external PoE cameras. Those cameras record to a NVR (BlueIris) internally, those cameras and the NVR don't have a gateway address and they are also are set up in the firewall to be denied access to the internet as well as they are apart of a profile through Safe Access to be denied internet. They are only accessible internally. I also have a Guest wireless for when or if people come over and I will typically put my phone on it. That network is segregated.

I'd like to add a Personal weather station device to the network so that it can report local weather. I don't want it to "potentially" scan my internal network or if it became compromised it wouldn't affect my internal network.

With that said, I'd like the device to go on guest network, but have me be able to access it via the local LAN when on the internal network (faster readings). Is there a way to punch a hole in the firewall so that internal can get to JUST that guest IP? Or can I put it on internal and have it ONLY access internet and not have it be able to scan internal?


Could you pls carefully write:
- what kind of devices you would like to keep in what kind of network?
- what kind of network limitations did you expect for the defined networks?
- what devices needs WAN
- what devices you would like to operate w/o WAN (LAN only)
- what kind of devices should be accessible within LAN(s)

Paper and pencil, screenshot, post here.


NAS Support
DS1520+, DS218+, DS215j
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Busy and missed it? :)

I think you're going down a path that no-one on here has investigated. It's probably going to be: someone mocks up something on their network and tells you what they find out, or you do it.
  1. RT2600ac
What I'm looking to do is to have a Weather monitoring system stay on the GuestWireless but IF possible, for a desktop to access that device while that desktop is on the internal LAN when internal LAN access is not allowed. Wasn't sure if there's a firewall option for that.

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to! is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads