Great video! Lol … You must be my brother from another mother. Both Italian Tony’s, both love our Synology NAS’ and Routers, both love our tech, both are drummers, and both have tats! I have a DS1821+ and DS1621+ at home and a DS920+ at my daughters house for two way Hyper Backups over Tailscale. I have 2 Synology RT660ax’s and an RT2600ac I’m about create a mesh with to replace my old Netgear Orbi 5. One of the main reasons, other than loving Synology’s software is I want to do what you have shared, isolate my IoT from my Compute, wired and wireless. Plus my Orbi is not handling over 100 devices very well. Again thanks for the tutorial. Im hitting the sun button now! 😁👍🏻
Thanks so much Frank. I really appreciate your kind words. I’m really liking this RT6600AX, especially since the Eth1 is configurable as either 2.5G LAN or WAN.
Thanks Tony, your videos are top notch. Can I assume that I can use firewall rules to achieve the following? Block specific ports from being used by devices on my network, and, block specific external IP addresses being reached by devices on my network? Amazingly, I couldn't find official Synology documentation describing the usage of the firewall rules.
Thanks very much for this awesome video Tony. I just got a Synology router and knew this was possible, but was struggling with how to do it. Your video lays it out so well with great examples and easy to follow steps.
That looks pretty easy, although some of the utilities I've recently demoed would get around the ICMP rules. For most home networks this would be a great step!
Hello Michel, thanks for watching and commenting. Here’s a help article direct from Synology you might find useful. Have a great day! kb.synology.com/en-us/DSM/help/ProxyServer/proxy_server_transparent?version=7
Great explanation, thanks. I’m not sure if synology have changed anything, but I cant cross networks with no firewall rules & network isolation disabled?
@@QuikTechSolutions Yes. Both networks could get to the internet but not each other. I do suspect some changes as I also cant add multiple wifi skids to one network, from the spec of the router & even the wording on the gui, I thought this should be possible.
@paulthomas-vo5vf I’m not aware of any changes, however, not saying Synology hasn’t made any. Going on the premise that something has changed, have to tried creating firewall rules allowing traffic to flow between the two networks?
@@QuikTechSolutions Yes, I tried that too. I followed the synology doc, just leaving off the deny rules. It still didnt work. I assume wifi connected devices work the same as wired, I was testing from an ipad?
Great video but I have a head scratcher. Setup network isolation, main and IoT networks but I can still ping the IoT network but not the other way around.
Thanks for watching! That’s not a bad thing. But, if you want to isolate in both directions, make sure you enable isolation on the main network. Or, you can create a firewall rule manually. Have a great day.
@@QuikTechSolutions thanks for the quick reply, hats off sir. Both are isolated, strange one. I can’t ping a device on the IoT network but the main IP I can. Cheers
@@QuikTechSolutions last question. That first rule, you don’t mention. I’m sure you did elsewhere but can’t find. Could you tell me what the windows part is?
@@QuikTechSolutions okay, thank you. Mine didnt have that by default. Wonder if the new update removed it. I believe it is so you don’t lock yourself out of SRM when changing rules
For my home security cameras, I didn't want to get into the complexity of setting up a VLAN and related firewall rules. Instead, I created a filter in the safe access app so that the only external access the cameras were allowed was to update their time clocks. My rationale was that, even if the cameras could access my entire LAN, they couldn't do anything with info that they gathered such as communicating it back to their mother ship in China. They won't get firmware updates, but since they work exactly as I want, I'm ok with that.
Great video! Lol … You must be my brother from another mother. Both Italian Tony’s, both love our Synology NAS’ and Routers, both love our tech, both are drummers, and both have tats!
I have a DS1821+ and DS1621+ at home and a DS920+ at my daughters house for two way Hyper Backups over Tailscale. I have 2 Synology RT660ax’s and an RT2600ac I’m about create a mesh with to replace my old Netgear Orbi 5. One of the main reasons, other than loving Synology’s software is I want to do what you have shared, isolate my IoT from my Compute, wired and wireless. Plus my Orbi is not handling over 100 devices very well. Again thanks for the tutorial. Im hitting the sun button now! 😁👍🏻
Hello Italian Tony! Yes, it appears we have lots of parallels. Glad you found the video helpful. Thanks for subbing the channel.
Very good video. You not only explain how to do something but why.
Thank you! Appreciate you taking the time to leave a comment. Have a great day!
Amazing video, Tony - one of the best firewall videos I've ever watched! Extremely easy to understand and learned a lot - thanks!
Thanks so much Frank. I really appreciate your kind words. I’m really liking this RT6600AX, especially since the Eth1 is configurable as either 2.5G LAN or WAN.
Great job Tony. Very clear and thorough.
Thanks for watching Michael
What an excellent video Tony! Wow, that was such a delight to watch, explained beautifully! Loved it!
Wow, Avi what a kind comment. I really do appreciate it very much. Have a great day!
Easy to understand. I get asked all the time about segregating networks. I didn't even know synology had this.
Thanks for watching
Pretty sweet, I do this on all my firewalls too. Guest network gets 80 443 & 53, & CFS.
Thanks for watching
Thanks Tony, your videos are top notch. Can I assume that I can use firewall rules to achieve the following? Block specific ports from being used by devices on my network, and, block specific external IP addresses being reached by devices on my network? Amazingly, I couldn't find official Synology documentation describing the usage of the firewall rules.
Thanks very much for this awesome video Tony. I just got a Synology router and knew this was possible, but was struggling with how to do it. Your video lays it out so well with great examples and easy to follow steps.
Hey Phil! Glad you found the information in the video helpful! Great choice of router, btw! Have a great day!
That looks pretty easy, although some of the utilities I've recently demoed would get around the ICMP rules. For most home networks this would be a great step!
I agree! Thanks for watching.
Great video (as usual Tony) you have another 'Like' 🙂
Thank you David! Much appreciated!
@@QuikTechSolutions You are very welcome Tony 🙂
Great video. Great explained. Is there a way to use a proxy with synology nas and synology router ?
Hello Michel, thanks for watching and commenting. Here’s a help article direct from Synology you might find useful. Have a great day! kb.synology.com/en-us/DSM/help/ProxyServer/proxy_server_transparent?version=7
@@QuikTechSolutions Great thx for Link, is it better dhcp with nas or leave it on the synology router
@@HoekNoot my personal preference would be leave it on the router.
Great explanation, thanks. I’m not sure if synology have changed anything, but I cant cross networks with no firewall rules & network isolation disabled?
Thanks for watching. That’s interesting. Have you checked to make sure isolation is off on all networks?
@@QuikTechSolutions Yes. Both networks could get to the internet but not each other. I do suspect some changes as I also cant add multiple wifi skids to one network, from the spec of the router & even the wording on the gui, I thought this should be possible.
@paulthomas-vo5vf I’m not aware of any changes, however, not saying Synology hasn’t made any. Going on the premise that something has changed, have to tried creating firewall rules allowing traffic to flow between the two networks?
@@QuikTechSolutions Yes, I tried that too. I followed the synology doc, just leaving off the deny rules. It still didnt work. I assume wifi connected devices work the same as wired, I was testing from an ipad?
Just curious, can you plug-in wired devices one on each network and try doing a ping from wired device to wired device?
Great video but I have a head scratcher. Setup network isolation, main and IoT networks but I can still ping the IoT network but not the other way around.
Thanks for watching! That’s not a bad thing. But, if you want to isolate in both directions, make sure you enable isolation on the main network. Or, you can create a firewall rule manually. Have a great day.
@@QuikTechSolutions thanks for the quick reply, hats off sir. Both are isolated, strange one. I can’t ping a device on the IoT network but the main IP I can. Cheers
@@QuikTechSolutions last question. That first rule, you don’t mention. I’m sure you did elsewhere but can’t find. Could you tell me what the windows part is?
@Ilikeridin it’s a system rule created by default. I didn’t create that rule. If you click on it, you should be able to see exactly what it does.
@@QuikTechSolutions okay, thank you. Mine didnt have that by default. Wonder if the new update removed it. I believe it is so you don’t lock yourself out of SRM when changing rules
For my home security cameras, I didn't want to get into the complexity of setting up a VLAN and related firewall rules. Instead, I created a filter in the safe access app so that the only external access the cameras were allowed was to update their time clocks. My rationale was that, even if the cameras could access my entire LAN, they couldn't do anything with info that they gathered such as communicating it back to their mother ship in China. They won't get firmware updates, but since they work exactly as I want, I'm ok with that.
Hello David! Thanks for sharing. Very creative work around and if it’s working for you that’s awesome.