Sure, I will include here what I did so far:
1. I've managed to login into my router with admin user & password (LAN), but still i'm not sure about my router's setup to access the router (INTERNET). This is why I've opened probably more ports than required.
To your questions:
- Yes, I've opened a combo (80/443) and enabled it.
- I've opened initially http/https (5000/5001) but updated it to 30000/30001 (security reasons, as you've suggested). Ports are enabled.
- I've entered 6690 but I haven't enabled this port. Interestingly, login via QuickConnect (cloud) works all right (from laptop, from my cell phone).
- folowing your advice, I've disabled port 21 (ftp) now due to security reasons.
2. I was advised to
setup ports manually via router interface rather than via NAS soft as it is superflueous and not reliable. So I did it, I hope. It seems router communicates with NAS, see ping result (screen above).
3. Enabling or disabling UPnP on my router D-Link DWR-116 hasn't got any impact on the result.
This is regardless if uPnP is enabled or disabled, there is a warning message displayed: "Checking network environment".
Picture: uPnP enabled in router settings
Picure below: uPnP disabled in router settings.
5. I've setup DDNS via DSM on NAS:
DDNS advanced settings - "as is" - I left this blank.
- just to add, I got a security advise to remove 5000/5001 - which I did and replaced with 3000/3001 and I've marked this:
6. Then I've enabled the security certificate as follows (via Synology service):
TESTS: Once all was setup, I've started to test with the following
http://192.168.2.13:3000
I can connect to NAS login page from laptop (can't from cell phone). So, it doesn't work.
http://tomzik.synology.me:3000
I can not connect to NAS login page from my laptop nor from my cell. So, it doesn't work either.
I've started to ask basic questions:
1. Am I forwarding correct ports at all? It seems 443 is required. What else?
I've logged a ticket to Synology Support. They've pointed me to Knowledge Center with this link:
How do I make my Synology NAS accessible over the Internet? - Synology Knowledge Center
bunch of info, all in all - i should:
a) Use EZ-Internet to make Synology NAS accessible over the Internet
OR Configure your router manually - this what we aim here, so:
b) Once I have found the router port forwarding configuration page, please refer to
this article for a complete list of port numbers used by Synology products' applications and services.
In the article, there is complete list of ports which can be used which goes on and on...
What network ports are used by DSM services? - Synology Knowledge Center
Proposed solution: In a doubt, I will go one by one and test all
--> It didn't work
2. Is the user authorisation with NAS_Synology working?
I realize this is secondary (after I can access login page in NAS_Synology, I should be able to login),
but what if I'm wrong?
So, I've tested it by changing the password for 'admin' user. It seems there was a notification send on my email:
Response auto-generated by NAS:
Dear user,
This is a confirmation that your password on NAS_Synology has been changed.
To modify your account settings, please point your browser at
http://192.168.2.13:5000/, http://tomzik.synology.me:5000/. (If you
cannot connect to the server, please contact the administrator.)
From NAS_Synology
Proposed solution: In a doubt, I will take those links as given
a)
http://192.168.2.13:3000
I can connect to NAS login page from laptop (can't from cell phone). So, it doesn't work either.
b)
http://tomzik.synology.me:3000
I can not connect to NAS login page from my laptop nor from my cell. So, it doesn't work either.
I've expanded the testing to those two cases:
c)
https://192.168.2.13:3001
I can connect to NAS login page from laptop (can't from cell phone). So, it doesn't work either.
d)
https://tomzik.synology.me:3001
I can not connect to NAS login page from my laptop nor from my cell. So, it doesn't work either.
It didn't work
3. There is some other reason which I can't figure out.
I suspect some problem with security certificate, i.e.
How do I obtain a certificate from Let's Encrypt on my Synology NAS? - Synology Knowledge Center
a) There is a point about domain name vs subject alternative name - I didn't care and left this one blank for now.
Is this a problem?
b) Email domain name should end up with [....]
.com and in this case it is [...]
.de
I'm open to your suggestions.
[automerge]1626423843[/automerge]
Also, to answer the question about firewall:
Firewall Settings --> Enable + I set rules for local devices to allow them to login
It didn't change anything - NAS is not responding.
Also, I was thinking if the setup Internet --> Router --> Multi-switch --> NAS might be a problem, so I've re-done the setup.
Now I've put NAS behind the router, i.e. Internet --> Router --> NAS.
I didn't change anything - NAS is not responding. I came back to how it was setup initially (for a better performance).
[automerge]1626424333[/automerge]
When you try to test the access to your router's WAN interface from the Internet:
- Check that your ISP permits inbound connections
- The router WAN interface has been assigned an Internet routable IP address (not in ranges 10.x.x.x, 172.16.x.x - 172.31.x.x, or 192.168.x.x).
- The NAS's firewall is allowing connectivity
- The domain you use is resolving to the router's WAN IP
Some information on these Internet tests would be useful.
Thanks for your hints,
to Your 1st question: I'm not sure how to check this?
to Your 2nd question: router is assigned with a
fix IP address 192.168.2.1, other settings listed below:
to Your 3rd question:yes, I believe firewall does enable it.
to Your 4th question: I'm not sure how to check this?