Solved Access via CalDav works internally, but not w/external hostname.

Currently reading
Solved Access via CalDav works internally, but not w/external hostname.

12
0
NAS
413j, 918+
Operating system
  1. macOS
Mobile operating system
  1. Android
  2. iOS
Last edited:
Using Synology Calendar, Apple Calendar can sync via CalDav using my internal IP. Changing the config to use my external hostname, fails with the error "Unable to verify account name or password." Trying to access from Android via DAVx errors out with "Couldn't find CalDAV or CardDAV service." The router is forwarding port 5000. Per Synology's example, I am attempting to configure the account as below:

It should be noted that the Advanced config fails internally as well. The only way it works internally is if I use the Automatic account type and enter the email as [email protected]. Automatic does not work with the hostname.

UPDATE: connecting from Android via mobile data with the domain name works! For some reason, I cannot use the domain name when connected to the local network. What could I configure to make the external domain name work in both cases?


Screen Shot 2020-01-05 at 10.46.04 PM.png
 
Last edited:
NAT loopback does seem similar to what I need. What seems odd is that connecting to the calendar web app via the external IP or domain name while on the internal network will work, but not CalDav. This functionality was working on my 413j when I used WebDav just a few days ago, but broke when I upgraded to the 918+ and started using Synology Calendar.
 
Just some asides...
  • Why are you still using default port 5000. Both HTTP and HTTPS ports should be changed (or redirect another WAN port to 5000).
  • Why are you forwarding HTTP connection? CalDAV should use HTTPS.
For example with DAVx...
https ://secretnameDOTsynologyDOTme:9701/caldav/YOUR_USERNAME

Where "9701" is forwarded to your NAS HTTPS port (which is 5001, or 9701, or something else entirely).
 
Using 5000 as that is the only example Synology shows, so I thought that I'd start with an example that is supposed to work. however 5001 is also forwarded and using 5001 fails with the same error.
 
Well I haven't used caldav for a while but I'm pretty sure that its using 5006/https port.

 
Last edited:
The Synology Calendar runs per default on port 80/443, so does it's CalDAV feature...

This is how I've set it up in the Application portal on my NAS:

caldavrproxy.jpg





The customized port I've configured there is just an additional one, but note I only use HTTPS for obvious security reasons.

Note: I have split-horizon DNS so my domain in my internal network resolves to internal IP addresses, while over the Internet it resolves to my WAN IP addresses.

Well I haven't used caldav for a while but I'm pretty sure that its using 5006/https port.

No, that is WebDAV. :)
 
CalDAV runs over WebDAV, so you're both right.

But when I connect to my Mac and iPhone to DSM CalDAV these are the settings:

Server name: my.domain.com​
Server path: /caldav.php/<DSM account name>/​
Port: DSM's HTTPS port​
Use SSL: selected​

I run an internal DNS server that resolve my personal domain to local IPs, and when external the domain gets resolved to the ISP IP of the router and then port forwarded relevant ports to the NAS.

If I put in the WebDAV HTTPS port number then it gets automatically switched to DSM's HTTPS port. Haven't checked why as I've had these accounts disables in Mac and iOS Calendar apps.
 
WebDAV Server package supports CalDAV and is accessed on the WebDAV HTTP/HTTPS ports. You have to create the calendars from with the WebDAV Server package in DSM and they are visible as folders and files in File Station.

There's the alternative for CalDAV which is to use the Calendar package (one of Synology's newer 'office' packages) and this is accessed using DSM's HTTP/HTTPS ports. It also has a web-based view for accessing its calendars. I've been using this one any calendar folders and files are hidden from File Station.
 
After a call to Synology, they claim that ports 80, 38008, and 38443 are used by Calendar and CalDav. The full list of ports is online. While I am better able to connect to the internal IP to port 38443 w/SSL, I am still unable to connect via DDNS url or even using the external IP. I have verified that all 3 ports are open.

I have since configured NoteStation and can access the NAS via DDNS url on internal and external networks with no issue. It seems like I'm still missing a port, but nobody knows what it is. 443 was mentioned earlier, but that is also open.
 
If you access Calendar web interface then you can follow this info for finding the URL you need to use:

To view your calendar on other devices via CalDAV protocol:
  1. Click the dropdown icon next to your calendar.
  2. Click CalDAV Account to check your CalDAV configurations or set up CalDAV on a device.

It give iOS/Mac and Thunderbird URLs that are based on the domain used to access the web interface (e.g. local NAS IP if that's how you did it, or QC, etc etc). Both these URLs use the DSM web port numbers not 38xxx or WebDAV.
 
The URLs from Calendar don't work for me, although the 38xxx ones do... at least internally. The support person couldn't figure out why I was trying to connect via 5000 (the DSM port). It is odd because even Synology's online instructions show to configure Mac Calendar with port 5000.
 
Ok this has gone long enough. Just got some time and went to test it out.

Using a custom domain (on top of ddns.synology.me name) I have installed calendar and revers proxied it to 443/https (considering that that port is open for me).

Upon installing the app, Syno firewall added these 2 ports:

Screenshot 2020-01-08 at 08.10.07.png


I did not port forward these ports at all.

After configuring the Calendar app to work via https://calendar.mydomain.something I have used these Advanced settings in Apple Cal app:

Screenshot 2020-01-08 at 08.40.26.png

IMPORTANT!
Notice the trailing "/" after the username in the Server Path parameter. Thats not there by default and it needs to be. Authentification worked in a matter of seconds (in LAN and WAN scenarios).

Screenshot 2020-01-08 at 08.44.35.png
 
Last edited:
Thank you for taking the time to walk through this and showing that it works. After following these examples, I'm still having the problem (and going slightly crazy). The only difference being the reverse proxy as I have the ports forwarded. See examples below:

First, I confirmed that both ports are open.
Screen Shot 2020-01-08 at 8.38.16 AM.png

Screen Shot 2020-01-08 at 8.38.26 AM.png

Below are the port-forwarding rules in the router. Note that notestation ports are forwarded and that they work using the DDNS domain name on both an external network and locally with the same account that is failing for Calendar.

Screen Shot 2020-01-08 at 8.47.19 AM.png


Then, I checked to see what was in the Firewall. There were no entries, so I created an allow rule for Calendar.
Screen Shot 2020-01-08 at 8.39.28 AM.png


Then I tried connecting via Apple Calendar
Screen Shot 2020-01-08 at 8.40.26 AM.png


All that I need to do to make this work is change the server address to the server's local IP. I feel like I'm going crazy. This seems like a port-forwarding or firewall issue, but we've validated that the ports are forwarded and the firewall allow rules are in place (I even tried it with the firewall disabled). At this point, I'd love to trace what happens when I try connecting from Apple Calendar to determine where the request is being dropped, but I don't know how.
 
Synology Calendar's web interface is accessible via the internal IP and the external DDNS address from my local wifi. Synology's Note Station is working on internal wifi and external mobile data networks via the DDNS address.

Syncing to my Android via DAVx provides an interesting pattern:
- On local wifi, I cannot connect via DDNS address
- On local wifi, I CAN connect via local IP address
- On mobile data, I can connect via DDNS address

Suspecting that there is a problem connecting via my local wifi to DDNS address with Calendar, I configured my Mac to use a VPN. Unfortunately, connecting over a VPN results in the same error (it won't connect via DDNS address on ports 5000, 5001, 38008, or 38443)

I also tried connecting on another Mac and got a different, and most confusing result:
- Using DDNS address, ports 38443,38008,5000, and 5001 fails
- Using IP address, port 38443 fails ?!?!?!?
- Using IP address port 5001/SSL fails
- Using IP address port 5000 SUCCESS ?!?!?!?
- Using IP address port 5001/SSL fails
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

  • Question
If I enter an event on my Android phone, when it synchronizes over caldav to Synology Calendar the time...
Replies
0
Views
598
That's the wrong URL for CalDAV/CardDAV. Use this... https://secret.synology.me:5001/carddav/myoldman...
Replies
7
Views
1,621
@Telos, Just to circle back to this and close it out; I realised later your link was for all instances...
Replies
7
Views
3,655

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top