For users to access thier content remotely, do they all have to have an individual synology account?
It depends on what you mean by 'synology account':
- Account on synology.com for registering the NAS, support, etc?
- No: one account in synology.com covers the NAS and is also used for registering for QuickConnect.
- The same synology.com account can be used for multiple NAS and SRM routers.
- You would not be using a synology.com account to access the NAS, remotely or otherwise, except to register and enable QC access.
- A DSM user account?
- Yes: each user of the NAS should have their own account so that you can control who has access and to what.
- DSM accounts are used to login to the package web portals and other services.
- Along with local user accounts these can also include accounts from linked LDAP and Active Directory servers.
And then do they all have a unique Quickconnect ID?
Or does everybody including admin, use the same Quickconnect ID?
The NAS has its own unique QC ID and that is obtained via the synology.com account.
DSM user accounts do not have any relationship with QC IDs. The QC ID is, in simple terms, similar to the domain name part of a URL.
And is this the best way for evryone to access thier files remotely?
QuickConnect has a number of ways it tries to connect a client to the NAS. It will first try to establish a direct connection between the client and NAS but it that fails it can fallback to the QC Relay service.
The relay avoids any specific inbound rules at the Internet firewall that is protecting the NAS. This happens by the NAS making an outbound connection to the relay service and then when the web client requests access it is actually accessing the relay service. The traffic between web client and NAS is encrypted on each of their respective connections to the relay service, but to avoid browser alerts 'untrusted connection' each side will use a different certificate. The result is that the browser encrypted traffic is decrypted at the relay service before being re-encrypted for the NAS leg.
You have to accept that this happens if you want to use the relay service. Also, the bandwidth speed via the relay service are restricted and you won't get your full Internet connection's speeds. However, it is possible to use QC and disable the relay service (done via Control Panel).
The alternative is to register a dynamic DNS (DDNS) name, which is supported in Control Panel, and configure port forwarding on your Internet router/firewall. This provides direct access to the NAS from the Internet.