Jasonatmacaid Posted June 15 Report Share Posted June 15 Hi there, We often have Synology Diskstations that act as a VPN endpoint, and will also host a Domotz agent. I've found that the agent creates devices for each VPN connection that is made, with an IP of 10.x.y.0, which is the VPN IP range. I've tried blacklisting 10.x.y.0, but to no effect. Is there a way to suppress creation of these devices? perhaps by IP range, or another way? They are just annoying noise to us. Link to comment Share on other sites More sharing options...
Giancarlo Posted June 15 Report Share Posted June 15 Hi Jason, you can issue an API command to "denylist" completely a network interface. Please have a look at this section: https://portal.domotz.com/developers/#domotz-public-api-networking In particular, with the following API you can review the list of possible Network Interfaces: https://portal.domotz.com/developers/#getagentinterfaces identify the one created by the VPN Server, and then add that in a "deny" list so that it is excluded by Domotz when scanning the networks: https://portal.domotz.com/developers/#setagentinterfacespolicy Something like the following: curl -X PUT {baseURL}/public-api/v1/agent/{agent_id}/network/interfaces-policy \ -H 'Content-Type: application/json' \ -d '{"policy": "deny", "rules": ["vpn0"]}' \ -H 'X-Api-Key: API_KEY' just replace with your own API_KEY, Agent_ID, baseURL and vpn0 with the interface for your VPN Link to comment Share on other sites More sharing options...
Jasonatmacaid Posted June 16 Author Report Share Posted June 16 Thanks, so far this seems to have worked! 1 Link to comment Share on other sites More sharing options...
Jasonatmacaid Posted June 20 Author Report Share Posted June 20 One small advance on this if anyone else stumbles across it, the interface name seems to change on the synology VPN from time to time, eg from ppp104 to ppp105 or some such, so the answer is to use a wildcard after ppp. 1 Link to comment Share on other sites More sharing options...
Giancarlo Posted June 21 Report Share Posted June 21 23 hours ago, Jasonatmacaid said: One small advance on this if anyone else stumbles across it, the interface name seems to change on the synology VPN from time to time, eg from ppp104 to ppp105 or some such, so the answer is to use a wildcard after ppp. Thanks for the suggestion. This is a very good point, and yes: the filtering support the usage of wildcard. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now