What's new

Port forwarding: AC68U & Synology & Merlin

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

simistef

Occasional Visitor
Hi there,

i've just moved to Merlin firmware, and i cannot setup the port forwarding rules anymore like with the standard ASUS firmware.

Synology identifies the Merlin firmware and version (Firmware:380.65_4) correctly, i do save the settings and all ports are marked as OK. Then i do a test and everything works by accessing services from WAN, until i close browser and everything is lost.

On System Log menu on router i see a new menu called Port Forwarding which does not exist on original firmware but have no idea what i does ...

Can someone guide me please how can i automatically do the port forwarding without manual intervention on the router ?

Many thanks !
 
Synology identifies the Merlin firmware and version (Firmware:380.65_4) correctly, i do save the settings and all ports are marked as OK. Then i do a test and everything works by accessing services from WAN, until i close browser and everything is lost.

No reason for it not to work, that code is pretty much unchanged from Asus's. Try a different browser, make sure it's not an add-on interfering.

On System Log menu on router i see a new menu called Port Forwarding which does not exist on original firmware but have no idea what i does ...

It simply shows you the list of ports that are forwarded.
 
With the latest firmware for the router, now seems to work. Even Synology did sent a message wich said that the router was recognized as UPnP. However, the port forwarding list is empty on the router, which is still strange ... but works now.
 
OK...less than 12 hours after declaring that it works, it stopped working again ...

This is working with the orginial firmware. I had a rollback and did the test, which worked just fine.
 
On my AC-88u and Qnap I have to change the AICloud ports and web access on the 88u as they use 8080 and 8081 which my qnap likes and UPNP can be finicky. UPNP from the qnap works flawlessly after that.
 
I have no issue forwarding a port to my Synology NAS with Merlin firmware. Can you post a screen shot of the Virtual Server/Port Forwarding tab under WAN settings?
 
The Port Forwarding is always empty in WAN settings. When i finalize the automatic setup from Synology NAS, i can see all settings under: System Log -> Port Forwarding. But just for 30 minutes or so...

I manage to catch something in the logs, that is actually wiping all these settings:

Code:
May 23 19:41:08 miniupnpd[959]: removed 43 unused rules

So yes, i have not accessed specific ports in that period of time, and the router just deleted the configuration some how.

Running latest firmware now 380.66_2
 
I do not use the Synology automatic router configuration as I found it erratic...sometimes it worked, sometimes not. I just configure and leave the appropriate port forwarded to the Synology device in the router
 
So yes, i have not accessed specific ports in that period of time, and the router just deleted the configuration some how.

That probably means that Synology requests a port forward with an "expiration" time, and they don't refresh the mapping.

Check the System Log -> Forwarded Ports page - does it show the remaining time next to each forwards? If so, I recommend contacting Synology about it, and asking them to check to ensure that when they request a port forward, to either not provide a maximum lifetime, or to take care of refreshing the forwards as needed.

As a potential workaround, you can try the following nvram setting (untested):

Code:
nvram set upnp_clean=0
nvram commit
service restart_upnp
 
OK, it seemed to work, at least for the moment. I will give it couple of more days until finally confirming that it has actually worked out.

Many thanks for you suggestion.
 
Another update, and back again into the problem. Now i cannot use naymore the automatic update feature from Synology NAS of sending the port forwarding rules on the router.

Neither manual port forwarding is not working anymore. Bugger ... i will probably get back to the original firmware...
 
Make sure you update to 380.68, at it resolved one potential issue related to port forwarding under very specific configurations.
 
Hi Merlin, yes i am on 380.68 version now, and Synology NAS is not recognizing the router anymore on auto setup.

in the logs, i get in loop this message:

Aug 30 22:10:51 rc_service: httpd 500:notify_rc restart_firewall
Aug 30 22:10:51 miniupnpd[24606]: shutting down MiniUPnPd
Aug 30 22:10:51 start_nat_rules: apply the nat_rules(/tmp/nat_rules_eth0_eth0)!
Aug 30 22:10:52 miniupnpd[25868]: HTTP listening on port 60006
Aug 30 22:10:52 miniupnpd[25868]: Listening for NAT-PMP/PCP traffic on port 5351


No idea, where is it coming from
 
Hi Merlin, yes i am on 380.68 version now, and Synology NAS is not recognizing the router anymore on auto setup.

in the logs, i get in loop this message:

Aug 30 22:10:51 rc_service: httpd 500:notify_rc restart_firewall
Aug 30 22:10:51 miniupnpd[24606]: shutting down MiniUPnPd
Aug 30 22:10:51 start_nat_rules: apply the nat_rules(/tmp/nat_rules_eth0_eth0)!
Aug 30 22:10:52 miniupnpd[25868]: HTTP listening on port 60006
Aug 30 22:10:52 miniupnpd[25868]: Listening for NAT-PMP/PCP traffic on port 5351


No idea, where is it coming from

That message indicates you changed something on the webui, which required a restart of the firewall and UPnP daemon. Nothing abnormal there.
 
You can get a list of ports from the Synology site. I recommend going there and setting this up yourself. You can do it faster and it will work forever and its easy.

Leave Source IP section blank under merlin.

Service Name | Source IP | Port Range | Local IP | Local Port | Protocol
DSM ------------ | BLANK ---- | ---- 5000 ---- |192.168.XXX.XXX | 5000 | TCP

don't use the (---) above when you do it.

Click on the add at the end of the line and then Apply at the bottom of the page and you are done.

Of course you can change the ports to whatever your using but this is there default port for DSM.

The other thing you need to do is go to Control Panel inside DSM and security tab. Then goto the account tab and enable the auto block tab. this way if someone finds your site and they will the nas will auto ban them from it once they fail the desired amount that you set.
 
Last edited:
YES ! This was what fixed my problem !

Source of IP i left it blank and it worked.

Many thanks mikelees2 for your detailed explanation !
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top