The Firewall in SoftNAS helps to control the incoming and outgoing network traffic in VPN. As of version 5.0, all unnecessary ports for a typical SoftNAS deployment are closed, in order to ensure your security. However, this means that if you are deploying SoftNAS to handle various file protocols, you may need to configure some ports to ensure success.
If enabling the firewall, be sure to open up the appropriate set of ports for SSH, HTTP. HTTPS, NFS/bind, iSCSI, CIFS, etc.
To reach the SoftNAS Firewall, expand Settings from the Storage Administration Pane, and select Firewall.
The Firewall wizard will be displayed and you will be able to perform various administrative actions.
Configuring the SoftNAS Firewall
As stated, the current SoftNAS Firewall is pre-configured, and set to restrict any ports that are deemed unnecessary to a standard deployment. This means that only ports and protocols commonly used are configured, including such ports as NFS, CIFS/Samba, rpc-bind, and mountd (iSCSI) are configured to start. The screenshot on the right is where you can see the ports currently configured by default.
Deleting a Service or Port from the SoftNAS Firewall
In order to remove a service or port, simply select the service, and hit the button below stating 'Delete Selected Rules'.
Adding a Service or Port to the SoftNAS Firewall
In order to add a service or port, select either Add allowed port or Add allowed service.
For example, you will note that we have nfs as a default service in the current configuration. This refers to NFSv4 only, as this is the most common version used at the moment. Let's assume you are configuring SoftNAS to connect with a legacy application that uses nfs3. Click Add Allowed Service, and you will see on the screenshot to right.
Select the service to allow (in this example nfs3) from the dropdown, and click Create.
The service will show in the allowed list.
Adding a port is a similar process. Click Add Allowed Port and you will see the following within the screenshot on the right.