Michael_Mulvaney
asked on
webdav
Hello
I have enabled WebDav on our Synology DS212+. I have ensured individual users also have the application enabled. I have tried connecting using NetDrive and BitKinex but I can't establish a connection. I have set WebDAV to use port 5005 on the Synology and I wonder if I have missed something on setting a path through our Cisco ASA5505 router. I made a new service called WebDav in the router and enabled that to connect to the internal i.p. address of the NAS. Please see attached file. Does anyone have any suggestions?
TIA
Michael
ASA5505-for-WebDAV.PNG
I have enabled WebDav on our Synology DS212+. I have ensured individual users also have the application enabled. I have tried connecting using NetDrive and BitKinex but I can't establish a connection. I have set WebDAV to use port 5005 on the Synology and I wonder if I have missed something on setting a path through our Cisco ASA5505 router. I made a new service called WebDav in the router and enabled that to connect to the internal i.p. address of the NAS. Please see attached file. Does anyone have any suggestions?
TIA
Michael
ASA5505-for-WebDAV.PNG
It looks like your Webdav rule is under the deny all rule (rule #4). Since rules are processed in order, the deny all rule at line #4 is likely blocking the traffic before it can be processed and allowed by rule #5. Try moving your rule up so it is listed before the deny all rule. If that doesn't work then check the firewall & see if it shows any blocked traffic on port 80 or 443 from your clients. Also, set the logging level to "informational" so you get more info in the log about traffic authorized by the rule.
ASKER
Hi, thanks for your support!
According to your advice I moved my WebDAV rule above the 'deny all' rule and set log to 'informational'.
It still doesn't work. I tried disabling the top rule (number 1 in the previous snip), but that made no difference.
I looked at the log and it seems to show some blocking on 443. You mentioned this port. Is that the problem, do you think? Please see attached snip.
ASA5505-log.PNG
According to your advice I moved my WebDAV rule above the 'deny all' rule and set log to 'informational'.
It still doesn't work. I tried disabling the top rule (number 1 in the previous snip), but that made no difference.
I looked at the log and it seems to show some blocking on 443. You mentioned this port. Is that the problem, do you think? Please see attached snip.
ASA5505-log.PNG
Port 443 is used for SSL, HTTPS, and other types of secure connections. Your WebDAV system may need port 443 for sign on and encryption, even though the system is set to use 5005 for data.
ASKER
Hello
Thanks for your continued support.
I have added permission for https, Please see the latest snip. But still something blocking? Please see snip of log.
My computer is 192.168.0.3. I am testing the system by using GoToMyPC to my home computer and trying to log in from my home computer. Do you think that is upsetting things? Perhaps I should wait now and test with the new settings directly from a computer completely outside the LAN?
ASA505-rev.1.pdf
Thanks for your continued support.
I have added permission for https, Please see the latest snip. But still something blocking? Please see snip of log.
My computer is 192.168.0.3. I am testing the system by using GoToMyPC to my home computer and trying to log in from my home computer. Do you think that is upsetting things? Perhaps I should wait now and test with the new settings directly from a computer completely outside the LAN?
ASA505-rev.1.pdf
The hit counters for rules #4 and #5 are zero, so the traffic is not getting authorized by those rules. Is the destination IP 192.168.0.28 or 192.168.0.1? Using GoTOMyPC "should" not cause a problem, but is is odd that the log shows blocked traffic from 192.168.0.3, an inside address.
ASKER
Hello
Thanks for hanging in with me on this.
The i.p. address of the NAS, in other words the destination, is 192.168.0.28. The Cisco ASA5505 router is 192.168.0.1
Thanks for hanging in with me on this.
The i.p. address of the NAS, in other words the destination, is 192.168.0.28. The Cisco ASA5505 router is 192.168.0.1
ASKER
I just carried out a port scan and found that 443 is open but 5005 is closed. Also, when I look on the services, there is a report that WebDAV is not used anywhere, even though it is in my firewall rule. I have absolutely no idea what to do next. I've attached another snip of the scene just described.
Port-scan-and-where-used.pdf
Port-scan-and-where-used.pdf
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The issue was with the Cisco router. Maybe the question was not phrased as well as it might have been, but WebDAV, Synology and the Cisco router were all principal elements in what I wanted to achieve, even though the actual problem was the Cisco router. It is a shame that the 'Cisco' keyword was not picked up by Cisco specialists, but I am grateful to the one person who did try to help. In the end I found the answer by trawling the internet. However, if I had not moved the new rule up from the position that it held, as recommended by the person who did try to help, maybe even my ultimately correct setting might not have worked? So, thanks to that person for that suggestion.