How to make Synology Reachable on LAN Only

I lately had a dilemma: what is the silver bullet to stop this problem from happening?

Synology - Auto Block

DMZ is the solution

I have already disabled the admin account and changed the SSH port. The brute force attack has since diminished but is not gone away.

I need SSH enabled because I work with Docker.

The root cause was that I had whitelisted the IP address of the Synology on my router DMZ in order to reach it from outside my LAN:

Synology - DMZ with SSH

Once I turned that on my Synology was reachable only from within my LAN  network.

Synology - Disable DMZ for SSH

And now yes, I can still use SSH to connect to Docker and other VMs but only within the LAN.

The brute force attack are gone for good.


Leave a Reply

Your email address will not be published. Required fields are marked *