Cloudflare Tunnel to NAS (HTTPS vs HTTP)

Currently reading
Cloudflare Tunnel to NAS (HTTPS vs HTTP)

Telos

Subscriber
2,641
853
NAS
DS418play, DS213j, DS3622+, DSM 7.2.4-11091
I'm attempting to end port-forwarding and using Cloudflare tunnels to do so. But connecting to the NAS seems odd to me. Some background...

Presently I use RP to reach my NAS DSM login. For example, in a browser URL I enter:
https://nas1.mydomain.com

RP "translates" this as
https://<nsa_ip>:<nas_https_port>

That seems simple and it works.

After creating a CF tunnel, I added a "public hostname" with a subdomain of "nas1.mydomain.com", and a "service" of
https://<nsa_ip>:<nas_https_port>

However... no connection is possible... however if I change the "service" to
http://<nsa_ip>:<nas_http_port>

entering:
https://nas1.mydomain.com

brings up the DSM login screen with a secure padlock.

Why is there a difference between RP and Cloudflare tunnel, that explains why HTTPS does not work with the tunnel, but seems to with the RP?

Have I done somthing wrong here?
 

Rusty

Moderator
NAS Support
5,854
1,726
www.blackvoid.club
NAS
DS718+, DS918+, 2x RS3614RPxs+
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
https://<nsa_ip>:<nas_https_port>
When you use this do you have a valid cert behind it or it fails to get a pad lock if you do not use the tunnel? If it fails it might be the same reason it doesn’t work via CF. It could be looking for a successful connection.
 

Telos

Subscriber
2,641
853
NAS
DS418play, DS213j, DS3622+, DSM 7.2.4-11091
When I launch nas1.mydomain.com from Cloudflare, it connects shows a padlock when I specify the HTTP port on Public Hostnames. But when I specify the HTTPS port, I get "Bad Gateway".

j6f068u.png


This is a "free' CF account if that matters.

On the NAS my Cloudflare Origin Cert is default, and configuration shows it on all services.
 
It's a great solution for people that suffer from DualStackLite, which does native ipv6, but only carrier grade natted ipv4.

Thank you @Telos for bringing this up! I didn't know that CloudFlare had such a free offer...
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

On a thread two moths ago, I was flummoxed by my domain cert auto-renewal. As it turned out Cloudflare is...
Replies
0
Views
217
  • Solved
Meanwhile... 12 days later... and it seems that Cloudflare has again extended my LE certificate Maybe...
Replies
10
Views
1,402
  • Question
Out of sight, out of mind is usually the best solution when dealing with computer noise. You definitely...
Replies
9
Views
860
Bro, just seen this and hope by the time i am responding it is still of help. At Location A where you have...
Replies
7
Views
1,242
For what it is worth, a recent article on nas security...
Replies
0
Views
723
OFC, account.synology.com is web portal target also, it is the daily target of outbound traffic from...
Replies
10
Views
893
SOSHO & SMB vendors: ASUSTOR, AC&NC, Buffalo, D-link, Drobo, HP, LaCie, Netgear, QNAP Systems, Synology...
Replies
0
Views
485

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Top