Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 6 subscribers
  • Views 1124 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM blocking Synology Drive file share links?

ukhan jemb

Hi folks

I have an interesting problem.

I have a Synology 1517+ NAS sitting behind a SophosUTM appliance.

The UTM has correct firewall configuration to let through key NAS services - admin access, file access, etc. Normally I can access Synology's Drive service (equivalent to Google Drive but running on my own server) outside my home network with no issues.

The problem happens when I want to share files from Synology Drive. The file share creates a link to the file as seen in the screenshot below. The problem is that this link cannot be accessed outside my LAN. Access outside my LAN throws a "ERR_CONNECTION_RESET" error.

I have checked ports used by Synology Drive and it's all the same ones I already have opened. Given the issue only happens when accessing outside my LAN, I place this firmly at the feet of Sophos.

Any advice much appreciated.



This thread was automatically locked due to age.
Parents
  • 0

    Your screen shot is null.

    You need to have some sort of DNAT rule to allow inbound (from wan) traffic.  Show us pics of all applicable rules you have defined.

    Personally, I do not allow access to my nas from the internet directly. I run an instance of nextcloud which has its own vnic/vlan and different subnet from the nas.

    Edit: Nextcloud itself uses WAF for inbound access to nextcloud, so that provides another layer of protection.

Reply
  • 0

    Your screen shot is null.

    You need to have some sort of DNAT rule to allow inbound (from wan) traffic.  Show us pics of all applicable rules you have defined.

    Personally, I do not allow access to my nas from the internet directly. I run an instance of nextcloud which has its own vnic/vlan and different subnet from the nas.

    Edit: Nextcloud itself uses WAF for inbound access to nextcloud, so that provides another layer of protection.

Children
No Data
Unfiltered HTML