Unable to route Download Station traffic through LAN 2

Currently reading
Unable to route Download Station traffic through LAN 2

16
2
NAS
DS923+
Operating system
  1. macOS
  2. Windows
Mobile operating system
  1. iOS
I'm trying to route Download Station's traffic through LAN 2. My plan is to use a VPN on LAN 2, once I can set this up.

I went into the firewall and blocked all BT/eMule traffic from LAN 1 and allowed it on LAN 2. However, upon doing this, I still see that Download Station is using LAN 1 to download, as seen in the Activity Monitor and on my network controller. How is this possible if I'm telling the firewall to block it?

The second issue I'm having is that when I successfully install PIA using openVPN and run it on LAN 1 as a test, Download Station loses connection and doesn't download or search. I see that PIA is connected, but I get nothing from Download Station. Furthermore, a traceroute to google.com just hangs, with no result. It's like the NAS loses connection entirely when using PIA VPN. Any ideas of what coule be happening?
 
Sure, I just went into the Firewall section in Control Panel -> Security of DSM.

Screenshot 2023-01-14 012618.png
 
I suspect it's not bocking bittorrent because it's only blocking unsolicited incoming packets - it's not blocking your NAS from establishing bittorrrent connections with other devices outside your network, or blocking those devices from responding.
 
Last edited:
Alright, figured this out. The solution is not the best, but it works very well.

The solution is to run DSM in a virtual machine and then tunnel the entire virtual machine. Problem solved.

Follow this to install vDSM in your NAS: How to Setup Synology DSM as a Virtual Machine (vDSM) - WunderTech

Then, follow these steps to make it work with Private Internet Access:
To view this content we will need your consent to set third party cookies.
For more detailed information, see our cookies page.


I've checked with IP leak and using curl ipecho.net/plain and can confirm this solution works.

Assign 1-3 GB RAM to the virtual machine. However, you'll likely need to increase RAM in your machine if you want to maintain responsiveness, especially if you're running other stuff on it. I got a cheap 16 GB stick from Amazon and everything works like it should:

Amazon product ASIN B07YXCBVWX
Synology, if you're reading, why do I have two LAN ports yet have to do all this to make something so simple work???

EDIT: There are a few advantages to this setup, despite it being somewhat cumbersome.
  • All of your downloads are now on a virtual machine prior to moving them to their final destination. If you donwnload something bad, it will mess up your virtual machine and you can just re-create it
  • It allows you to test updates and new software in a virtual environment, prior to doing so in production
  • The whole VDSM is tunneled through a VPN, which I think is a plus
 
Wouldn't it be easier to just use the firewall in your router? That is: Each of your LAN ports has a different IP address. You'd set the router to deny bittorrent traffic to/from the LAN port you don't want to use for torrenting.
 
Wouldn't it be easier to just use the firewall in your router? That is: Each of your LAN ports has a different IP address. You'd set the router to deny bittorrent traffic to/from the LAN port you don't want to use for torrenting.
This is true, but there are no guarantees that DSM will route that traffic through LAN 2 instead of just failing. When I was testing with the NAS' firewall, traffic would just completely drop.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Old thread notice: There have been no replies in this thread for quite some time. The last reply was on .
The content in this thread may no longer be relevant. It might be better to open a new thread instead.

Similar threads

Snapshot consumption can only be determined through the package itself... AFAIK, snapshots can only be...
Replies
10
Views
1,598
  • Locked
CLOSING THREAD, as this was resolved here: Oh, No... DSM 7.1 *REMOVED* critical SSD/NVME Cache...
Replies
1
Views
3,445
Click the "start" button, then Package Center, then find Storage Analyzer, click on it, select the little...
Replies
15
Views
6,748
Hmm, another feature victim of DSM7, I never looked when I was running DSM6, but as the OP has stated, no...
Replies
12
Views
3,869
Yes, I'm on DSM 7, I'm willing to bet that takes up the extra 30%. Though I could check that with my 414j...
Replies
16
Views
5,740
  • Question
Ok, changing the ports didn't help. I refreshed the Synology / LE certificate too but that didn't seem to...
Replies
4
Views
2,389
Ping is irrelevant here when it comes to testing out traffic and connectivity. Telent works you say? Using...
Replies
5
Views
3,143

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top