Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Synology and ZoneAlarm

  1. #1
    jaberwock Guest

    Default Synology and ZoneAlarm

    I have ZoneAlarm Extreme Security 9.3.014 and am using a Synology DiskStation DS210j NAS. This uses 2 pieces of software (Synology Assistant and Disk Replicator) for management and backups. As far as I can understand, these use ports 9997-9999.

    All was well on WinXP. I upgraded to Win7 and the above two S/W packages could no longer contact the NAS. Disabling the firewall did not help. Completely uninstalling ZA allows the Synology S/W to work, so I know it is ZA interfering in some way.

    The NAS is in the trusted zone, so I would expect the UDP broadcasts from the NAS on ports 9997-9999 to be allowed. However, I can only get the Synology Assistant to recognise the NAS if I explicitly put in an expert rule for TCP/UDP packets from the NAS IP to ports 9997-9999. (Interestingly, if I try and add this rule as a group, I get a BSOD with a buffer overrrun ).

    So, ZA doesn't appear to be doing what it says on the tin in this case and I have to explicitly re-add a rule which should be covered by the trusted zone catch all (this appears to be different behaviuor between ZA on WinXP and Win7).

    I now have Synology Assistant working (which allows basic management functions). However, I still can't get Disk Replicator working (it cannot find the NAS), which is the backup software. This is all the more frustrating as ZA isn't logging what it is blocking (I only get the logging of the successful broadcast to 255.255.255.255:9999 from the NAS in response to the Synology Assistant query because I added the expert rule). The only thing I see is in the Program log entry for Backup.exe (Disk Replicator) source IP 0.0.0.0:9998 - Incoming (listen) and allowed.

    I've now added another rule for TCP/UDP packets source IP 0.0.0.0, ports 9997-9999. Now, the NAS can be seen, , however it can't see any of the shared folders (that it could see on WinXP). As a side note, I can see and write to shared folders from Windows Explorer.

    For good (??) measure, I've set up the Synology apps to allow everything and be super trusted.

    ==>
    UPDATE - Drat and double drat. Just tried both Synology Assistant and Disk Replicator again and neither can find the NAS and there is no logging at all.

    Can anyone help on setting up ZA to allow Synology Disk Replicator to work? Failing that, can anyone help to force the logging to show what is blocked? (NB - I have logging set to High/On). My impression is that ZA is somewhat flakey handling UDP authorisation under Win7

    Doug Duthie

  2. #2
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,469

    Default Re: Synology and ZoneAlarm

    I'm Sorry, We are all Users here in this ZA User Forum..
    And I have never used "Synology Assistant and Disk Replicator" or seen another Post dealing with "Synology Assistant and Disk Replicator",

    You must Contact ZA Tech Support Live Chat directly with Details on your Computer Hardware and Software, What version Of Windows, and Deatails on How to Re-produce your problem so that the problem can be logged and duplicated on their Test computers..

    Click on the Support link in my Signature..
    Last edited by GeorgeV; September 8th, 2010 at 04:17 AM. Reason: typo
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    jarip Guest

    Default Re: Synology and ZoneAlarm

    I have two QNAP NAS units and had to enable Netbios related TCP/UDP ports (outgoing) 135, 137-139 and 445 in the Custom Firewall Settings dialog in ZAISS to get access. I have Win XP SP3, though.

  4. #4
    jaberwock Guest

    Default Re: Synology and ZoneAlarm

    Hi,
    I've just checked and Synology uses Netibios 137-139 and 445 as well as UDP 9997-9999.

    Just to check I'm not doing anthing dumb, how should I be opening these ports, bearing in mind the NAS is in the trusted zone with medium security set?

    Should I set the rule in Firewall->Main->Trusted zone->Custom? If so this confuses me slightly. The only option to allow UDP ports is in High security mode, whereas medium security mode implies UDP and the above NetBios ports are open by default.

    If you need to go through Firewall-> Expert to create rules, how should I configure these? As far as I can gather, Synology Assistant listens on ports 9997-9999 for TCP/UDP packets from the NAS.

    I had this partially working once, but no more..

    Thanks,
    Doug

  5. #5
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,469

    Default Re: Synology and ZoneAlarm

    Have you Contacted Tech Support Live Chat yet?

    did their solution resolve your problem?
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  6. #6
    Join Date
    Dec 2002
    Location
    San Carlos, California
    Posts
    1,640

    Default Re: Synology and ZoneAlarm

    If you went from XP to Win 7 then the NAS is probably accessed via IPv6 on Win 7 and data is tunneled to an IPv4 address to the NAS.

    Make sure in ZA you have IPv6 support turned on and also try turning on "Allow uncommon protocols at High security

    Both can be found in ZA under Firewall >> Main, then click the Advanced button.



    Forum Moderator
    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  7. #7
    jaberwock Guest

    Default Re: Synology and ZoneAlarm

    Thanks for the responses:
    @GeorgeV - I tried technical support chat, but unfortunately they weren't able to help

    @Forum-Moderator - IPV6 support was already ticked. I've now ticked "Allow uncommon protocols at High security", however this didn't resolve the situation.

    What is odd, is that I had it partially working twice (by adding expert rules), but then it stopped working. Unfortunately, it only seems to log these types of request when I've got it working, so I can't work backwards by looking at what it is blocking.

    Also, setting Internet/Trusted zone security to "Off" (which implies the firewall is off) doesn't allow these connections (only uninstalling ZA allows them) which implies some other part of ZA is at work.

    I'm therefore not sure if it is a problem with configuration, or ZA isn't quite working as it should do. Is there a super-verbose logging option so I can see everything ZA is doing (over and above the High/On logging settings via the UI)?

  8. #8
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,469

    Default Re: Synology and ZoneAlarm

    Quote Originally Posted by jaberwock View Post
    Thanks for the responses:
    @GeorgeV - I tried technical support chat, but unfortunately they weren't able to help?
    Thank you for taking the time to provide Feedback..

    I still encourage you to continue providing Feedback to Tech support, they may be able to log and escalate your problem on up the food chain to the developers, if you properly discribe how to replicate you problem and provide more details about your computer Hardware and software configuration?

    Tech Support are the only ones able to troubleshoot and/or log your issue properly.
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  9. #9
    Join Date
    Dec 2002
    Location
    San Carlos, California
    Posts
    1,640

    Default Re: Synology and ZoneAlarm

    I would also post this issue on the user forum for the NAS device. Someone else who own this device may have had this issue also and some advise.

    Also check to see if there are any newer version of the two apps. Since it was working in XP and not in Win 7 it could be a utility issue in win 7 that conflicts with ZA. Meaning the utilities have issues under win 7 and not XP.

    Also chat with the NAS support dept about this issue.

    We personally don't have these NAS drives at ZA and there not cheap so buying a unit to test for 1 user out of 3 million probably wont happen soon.

    So if the NAS company can test then contact our Dev dept then odds are much better getting fixed.


    Forum Moderator
    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  10. #10
    tristansjoberg Guest

    Default Re: Synology and ZoneAlarm

    2 out of 3 million...

    I have a Synology DS209 and ZAISS installed and experience the same problem as jaberwock. If I shutdown, or uninstall, ZAISS then Data Replicator and Synology Assistant does connect, but not if ZA is running.

    I am using the latest build (-1157 for DS Assistant etc) of both programmes and they are certainly compatible with Windows 7 as my wife has no problem with them whilst running Windows 7 and McAfee.

    Ticking "Uncommon protocols" and "IPV6" does not have an effect.

    Definitley a ZA issue and I hope this can get resolved quickly as NAS usage is on an exponential growth curve for home users.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •