Reverse proxy sub domain always takes me to DSM login page

9
2
NAS
DS1817+
Operating system
  1. macOS
Mobile operating system
  1. iOS
Hi!

All the reverse proxys i try to configure ends up taking me to DSM login page.
I've opened port 443 and 80 in the router and pointed them to the 2 ports i've configured in Login Portal->DSM Port HTTP and DSM Port HTTPS.
Is this correct?

I know the Forward proxy itself is correct setup and i have a wildcard Certificate that seem to work fine.

What could possibly be wrong here?

Thanks in advance for the help!
 
Those would be the default 5000/5001 ports (or any other that you have changed)?
I've changed thoose ports to something else to make it harder to hack...., do you think that matters? Should i change them back to default?
 
I've changed thoose ports to something else to make it harder to hack...., do you think that matters? Should i change them back to default?
No no its fine (actually the way to go), just wanted to be sure that those are those ports.

Do you have by any chance, activated check box that states automatic redirect from http to https? If so, can you try and disable that and try again?
 
Last edited:
No no its fine (actually the way to go), just wanted to be sure that those are those ports.

Do you have by any chance, activated check box that states automatic redirect from http to https? If so, can you try and disable that and try again?
Yes, i have tried to have that both checked and unchecked, either way the proxy wont take me to the right application :(

Question: The external port (router) 443 should point to the DSM HTTPS port, right?
And the external port 80 (router) should point to DSM HTTP port? Am i correct?
 
Yes, i have tried to have that both checked and unchecked, either way the proxy wont take me to the right applicatio
And inside the reverse proxy, have you set the local NAS ip address as a destination or the "localhost" parameter?
 
And inside the reverse proxy, have you set the local NAS ip address as a destination or the "localhost" parameter?
I have set localhost right now, but i have tried both.
-- post merged: --

I would direct it to the NAS IP, port 443.

Why would you direct an HTTP port?. No need to forward port 80 (or port 5000).
Skärmavbild 2023-03-02 kl. 17.30.30.png

Can you see anything wrong with these router settings?
 
No i don't have webstation? Did you look at my router settings? Could you see anything wrong or if port 80 is unnecesary?
Port forwards look fine. As Telos already asked on the matter of port 80, I agree. Close it if you don't need it.
 
Last edited:
Port forwards look fine. As Telos already asked on the matter of port 80, I agree. Close it if you don't need it.
I actually don't know if i need it even..... but okey, i'll remove it then :)
-- post merged: --

No further clues of what could be wrong?
 
No further clues of what could be wrong?
Did you reroute 443 as I suggested?

Just as clean-up and security obfuscation, you could use subdomains w/RP and remove the Plex and Overseerr forwards, leaving only 1194 and 443.

Even without subdomain/RP, you could access Plex/Overseerr via VPN.

The fewer open ports the better.

I'd also drop NAS firewall while testing these things.
 
Did you reroute 443 as I suggested?

Just as clean-up and security obfuscation, you could use subdomains w/RP and remove the Plex and Overseerr forwards, leaving only 1194 and 443.

Even without subdomain/RP, you could access Plex/Overseerr via VPN.

The fewer open ports the better.

I'd also drop NAS firewall while testing these things.
Okey, so i should point external port 443 to internal port 443, even though i have setup DSM at 6813 for HTTPS???

I understand your cleanup suggestion and look into that when i got everything else going. I'll also disable the Firewall when i test this. Good thought! :) Need to take a doggy walk now but i'll be back later.
 
Did you reroute 443 as I suggested?

Just as clean-up and security obfuscation, you could use subdomains w/RP and remove the Plex and Overseerr forwards, leaving only 1194 and 443.

Even without subdomain/RP, you could access Plex/Overseerr via VPN.

The fewer open ports the better.

I'd also drop NAS firewall while testing these things.
IT WORKED!!!!!!!!!!!

Big thanks to you man!!!!!!
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

I really like the NPM service. Works well and is easy to use so I would prefer to use it. I’ll set it up...
Replies
10
Views
715
I understand that but because you have a DMZ in place and all traffic is pushed via isp router to your...
Replies
11
Views
725
  • Question
Does this only happen when you try to access packages via the 'office' links in Drive's menu? And have you...
Replies
1
Views
1,413
  • Question
Ofc you can make a single compose for this no problem. Personally I like to separate front end apps from...
Replies
10
Views
2,712
  • Solved
I think it was point 1 that was messing me up. And it was a simple fix, honestly. We'll have to see if I...
Replies
3
Views
2,820
  • Solved
yes you can fullchain + privkey would be a better option
Replies
21
Views
6,964

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Back
Top