Question HowTo connect with DS Note to Notestation LOCALY via HTTPS

Currently reading
Question HowTo connect with DS Note to Notestation LOCALY via HTTPS

8
0
NAS
DS-418
Operating system
  1. Windows
Mobile operating system
  1. Android
  2. iOS
Hi

Tried with IP, @synology.me, domain with NoIp& Let's encrypt, quick connect ID all with different certificate setting...
SO

What has to be configured Where that an INTERNAL connection via HTTPS is possible
from Tablet (android) & iPhone to Note Station
 

fredbert

Moderator
NAS Support
Subscriber
1,803
737
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
I can use the access methods that are defined in Control Panel / Application Portal:

www.mydomain.com/<mynote-alias>
<mynote-subdomain>.mydomain.com

I'm guessing that the certificate must have to be valid for the address that you're using. Also, I run an internal DNS Server that resolves my personal domain to local IPs, and externally the same domain resolves to my ISP assigned IP.
 
8
0
NAS
DS-418
Operating system
  1. Windows
Mobile operating system
  1. Android
  2. iOS
THX for taking care

Certificate is valid!

I guess the problem is that internally it's not possible that certificate is assigned to the IP or domain? - so no HTTPS? - With HTTP it connects without problems.

Yes DNS! But I don't want my DS online with the DNS all the time.

I'm new with this :confused:
So is it possible to run a DNS for internal use only??
 

fredbert

Moderator
NAS Support
Subscriber
1,803
737
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Unless you allow port forwarding from the Internet to the DNS Server on UDP/TCP port 53 then it will not be accessible from outside.

My home DNS Server (that's the Synology package) only has resolution for my home domain and everything else then gets sent onto the normal DNS servers I would use (that'll be OpenDNS). In my router's DHCP configuration I just put the NAS's IP as the primary DNS server (secondary can be your normal external DNS) and this gets all my local devices to use the NAS.

Yes DNS! But I don't want my DS online with the DNS all the time.
If you mean 'online' as in 'switched on/powered up' then you'll have to stick to HTTP or use an internal DNS server that's always on. Otherwise the DNS resolutions will try the NAS first to find it's not available and then use the external DNS, and this might cause latency that's noticeable.
 
333
128
NAS
DS212J, DS214play, DS216, DS216play, DS414, DS918+, RS816
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. iOS
I do not have any special DNS setup, and https for DS Note works fine for me from within my LAN on iPhone.
I have a certificate from Let's Encrypt for my domain name.
Entering the domain name in DS Note on the iPhone, connected to home wireless and not to cellular service, and selecting the HTTPS option works 100%.
 
8
0
NAS
DS-418
Operating system
  1. Windows
Mobile operating system
  1. Android
  2. iOS
Last edited:
OK
Do You mean to put my domain with certificate from Let's Encrypt here in note station?
1584752745629.png

And log in with the same domain??

When I do so on android It says the certificate is not trusted and doesnot login
BUT - You are right on iPhone it works!

HowTo solve on Android?
 
333
128
NAS
DS212J, DS214play, DS216, DS216play, DS414, DS918+, RS816
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. iOS
I apologize, I don't use Android, so I have no answer on that.
 

fredbert

Moderator
NAS Support
Subscriber
1,803
737
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
@Witzker If your certificate covers www.example.com then you can use Aliasname so you can access with www.example.com/<aliasname>. This works on my Mac on home LAN.

But my work Android phone won't work with the aliasname but will work with the customised domain (ticked in your screenshot). So <notes-subdomain>.example.com does work. I also enabled DS note to check certificate validity (the DS note 'cog' icon on the login screen).

I have various LE certificates due to Synology's 255 character limit on Subject Alternative Name field. I have a certificate for Application Portal customised domains and have to assign this certificate from the Certifcate page in Control Panel (the Configure button).

@akahan on your LAN what do you use to access Note Station? externally resolved URL, LAN, QC?

If the router doesn't support loopback for URLs that resolve to it's WAN IP which then needs forwarding to the NAS ... then external URLs will fail when trying to access from the LAN.
 
333
128
NAS
DS212J, DS214play, DS216, DS216play, DS414, DS918+, RS816
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. iOS
@akahan on your LAN what do you use to access Note Station? externally resolved URL, LAN, QC?

I use domainname.com to access notestation. No port number, no subdomain. I have no static routes and no internal DNS resolver.

I think it would be helpful to know from the OP:

Can you reach notestation via https from OUTSIDE your LAN?
Can you reach notestation VIA HTTP using your domain name (not IP address) from inside your LAN?

If the answer to the first question is "yes," then the problem is probably that the router isn't doing loopback.
If the answer to the second question is "yes," then the problem is probably a certificate issue.

If OP is right that he can reach Notestation using https from inside his LAN using iPhone but not Android phone, then I suspect that the certificate needs to be installed somehow on the Android phone.
 

Rusty

Moderator
NAS Support
2,814
861
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Hi

Tried with IP, @synology.me, domain with NoIp& Let's encrypt, quick connect ID all with different certificate setting...
SO

What has to be configured Where that an INTERNAL connection via HTTPS is possible
from Tablet (android) & iPhone to Note Station
If your router support nat loopback, you will be able to use https internally. Considering that you have mentioned synology.me, I'm guessing you are not using a custom domain and in that case, I guess with https, you are using a custom port. If that's the case then be sure to connect using your ddns name and then the port number.

your_ddns_name:port

That should work in case your NAS does support FQDN name resolution within LAN.
 

Rusty

Moderator
NAS Support
2,814
861
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Fqdn is your nas public name. something.synology.me. Do you have that registered as a ddns? If so then just try and access your nas while you are in your lan.
 
8
0
NAS
DS-418
Operating system
  1. Windows
Mobile operating system
  1. Android
  2. iOS
I have both something.synology.me & something.ddns.net (registered as ddns with LE certificate which is in my fritzbox)
Shell I get a LE for something.synology.me too?

Wher do i have to put the Fqdn?
 

Rusty

Moderator
NAS Support
2,814
861
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Cert atm is not important. Just use your fqdn and add a port at the end in your dsnote login parameter. Then try and log in
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Similar threads

Similar threads

Top