Setting up my Roon Server to run on my Synology NAS 1520+ using @crieke RoonOnNAS package and it took me a while to get it running, but I’ve finally figured out that the issue is the Synology Firewall. When it was enabled, I could not connect to the Roon Server via any of the Roon Client applications (PC, OSX or iOS) until I added firewall rules to allow TCP 9330-9339 and UDP 9003. This solved the issue of getting the server found for the clients.
Now I have a secondary issue of it not finding any Audio Devices on my network. If I disable the Synology Firewall, it finds all of them immediately. If I re-enable the firewall during playback (once found), it will play a track for 30 seconds prior to skipping to the next track and then if I reboot the Roon Server core it will no longer lists those devices under Audio. I’m guessing I just need some extra ports to punch through the firewall to find the network devices. I’ve tried a few from old posts I found here and on Sonos forums, but haven’t found the right combo yet. Any help would be much appreciated. Thanks!
Yea, that’s for client firewall concerns, this issue has to do specifically with Synology’s Firewall, running on top of where the Roon Server package runs. Just need to know what ports to open
It applies to the Roon server component as well. I take it you can’t add firewall rules for the Roon Server on a Synology, but must specify rules for specific ports?
@DDPS Yes, thanks, I enabled those 4 options already, but it still doesn’t see the Audio devices on the network unless I turn off the firewall completely. I’ve been trying all kinds of ports and looking at the Roon Server log, but can’t seem to sort this one out.
Interesting. Hmmmm. Well…Is there a reason you are using the firewall? Typically, the only use for a firewall on a NAS is when you are concerned about abuse within your local network; for the outside world, your router/firewall/NAT takes care of the rest. I don’t know your use case, however, so I am surely missing why you want to use it. Please share what you can so we can all try to help!
I can also solve the problem by allowing ‘All’ for the individual clients via IP or subnet mask. Mostly, was just trying to track down what the appropriate ports are for whitelisting. It’s got me curious now. I’ll keep trying different combos and see if I can find the magic port (or range). I was hoping @crieke would know, but we’ll see if he gets back to us.
