Firewall blocking ethernet access to NAS - but not wifi access

Discussion in 'macOS' started by poohbear666, Dec 27, 2014.

  1. poohbear666 macrumors newbie

    Jan 26, 2011
    I recently replaced a Linksys wifi modem/router (it failed completely) with a new Netgear N600 wifi modem/router.

    I'm having some odd problems accessing a Synology NAS HDD on my LAN - I never had these problems with the Linksys router/modem ...

    1. The only connection problem I see relates to the Synology NAS HDD. All internet connections work fine. I see the same problem connecting from a browser (Firefox, Chrome, Safari) and directly from Time Machine.

    2. If I connect to the Netgear modem/router by wifi, I can connect with Firefox to the NAS by IP address and URL. This is the case with the iMac (Yosemite 10.10.1) firewall on and off.

    3. If I connect to the Netgear modem/router by ethernet, I can connect with Firefox to the NAS only by IP address but not by URL. This is the case with the iMac firewall on.

    4. If I turn the iMac firewall off and connect to the Netgear modem/router by ethernet, I can connect with Firefox to the NAS by IP address AND by URL.

    So, iMac firewall off, no connection problems at all.

    Firewall on, ethernet connection by url blocked but wifi connection by url allowed. Connection by IP address allowed via ethernet and wifi with firewall on and off.

    This seems to confirm it is an issue with the iMac firewall not liking something coming from the NAS HDD via the modem/router.

    Incidentally, I see the same problem with a Macbook ...

    I guess I could just run with the iMac firewall off as the Netgear router/modem also has a firewall - except I have a lot more faith in the Mac firewall.

    Any suggestions?



    iMac, OS X Yosemite (10.10.1), iMac (20-inch, Early 2008)
  2. poohbear666 thread starter macrumors newbie

    Jan 26, 2011
    I noticed from the firewall log that some incoming UDP requests were being ignored because the firewall was in Stealth Mode.

    Turned off the firewall Stealth Mode and everything is working properly ... ?

    Not entirely happy about Stealth Mode being off but it is much better than turning the whole firewall off.

    My understanding is that when in Stealth Mode, the firewall ignores UDP requests from "closed" ports?

    So, I guess the Netgear router/modem is using a UDP port that the iMac thinks should be closed?

    Any suggestions for a "proper" solution?


  3. chown33 macrumors 604

    Aug 9, 2009
    Sailing beyond the sunset
    I'm not sure what you mean when you say "by URL", as the means for connection. I suspect you mean "by DNS name", but please clarify.

    A URL contains a protocol name, a host identifier, and a path. Examples:
    The host identifier in the first URL is a domain name; in the second it's an IP address. Both strings are URLs, but only one has a domain name.

    By blocking UDP, you may be blocking the mDNS multicast packets needed by Bonjour. If your NAS was identified by a name that looked like somename.local, then that's managed by Bonjour and mDNS.

    If you want to find out what traffic is coming through (or isn't), then you need a line traffic viewing tool, like tcpdump. You might also find something in the Mac App Store.

    Finally, exactly which Netgear router model is it? AFAIK, N600 is a capability level (Wireless N + 300mbps on both 2.4 & 5GHz wifi bands), not a model number. WNDR3700 and WNDR3400 are two example model numbers from Netgear, both of which are N600. A Linksys N600 model number is EA2700; an N750 Linksys model number is EA3500.

Share This Page