Last edited:
Eventually you should look into reverse proxy. It makes it easy. You can just use yourdnsname.com internally or externally and don’t have to worry about specifying port numbers
For reverse proxy it’s port 443 which is https traffic so anything.com, google.com etc is transmitted on 443.
On your isp router port forward 443 to 443 of your nas. On the nas side you’ll have to go into the reverse proxy section, setup the domain name and a few other things. You’ll also need to setup a let’s encrypt certificate but all of this can be done without cost using a synology.me domain name
Other have purchased their own domain name from other providers. You can have yourdomain.com whereas synology is synologyddns.synology.me
One other note the reason we say to use custom ports for port forwarding is because hackers know synology dsm runs on port 5001. If you port forward on your isp router 5001 to your nas 5001, hackers can see this open port and attempt brute force attacks or other known vulnerabilities. Hackers use port scanners so if they know a specific vulnerability on a synology they’ll set the scanner to scan the world for open ports of 5001. This is how a lot of people get hacked or ransomwared. Don’t use the default ports at the gate of your network (meaning isp router/firewall).
-- post merged: --
For reverse proxy it’s port 443 which is https traffic so anything.com, google.com etc is transmitted on 443.
On your isp router port forward 443 to 443 of your nas. On the nas side you’ll have to go into the reverse proxy section, setup the domain name and a few other things. You’ll also need to setup a let’s encrypt certificate but all of this can be done without cost using a synology.me domain name
Other have purchased their own domain name from other providers. You can have yourdomain.com whereas synology is synologyddns.synology.me
-- post merged: --
Again use different custom ports for the external side which then forward to the service port on the internal side
One other note the reason we say to use custom ports for port forwarding is because hackers know synology dsm runs on port 5001. If you port forward on your isp router 5001 to your nas 5001, hackers can see this open port and attempt brute force attacks or other known vulnerabilities. Hackers use port scanners so if they know a specific vulnerability on a synology they’ll set the scanner to scan the world for open ports of 5001. This is how a lot of people get hacked or ransomwared. Don’t use the default ports at the gate of your network (meaning isp router/firewall).