Synology Reverse Proxy

Tutorial Synology Reverse Proxy

Currently reading
Tutorial Synology Reverse Proxy

1,817
758
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
when you prepare correct setup of the new (from File Station RP) subdomain into your DSM by this KB from Syno. it will work
Now that’s very, very interesting. I checked the KB you referenced (thanks) but I’m still skeptic. I was hoping that you’ve personally tried it. I should try it and see.
 
1,817
758
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
So if I go to my LE certificate, delete it and recreate it, adding all the subject alternative names and then go to my DDNS provider where I have my domain name registered and add the CNAMEs, will that do it?

Actually, I have CNAME = www already in place (on the DNS) with the LE configured for it (subject alternative name). I think I can try that first. Possible?

It’s xyz.com and www.xyz.com
 

Rusty

Moderator
NAS Support
3,416
1,014
www.blackvoid.club
NAS
DS718+, DS918+, 2x RS3614RPxs+
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Have to try it but with Drive it’s using RP address.
 

jeyare

Subscriber
1,876
623
Drive is different. File Station is configured by Synology to use default DSM entry point. Then you need to change by custom link (used by RP)
 
1,817
758
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
File Station is configured by Synology to use default DSM entry point.
Yes. My skepticism that it won’t work is proven. I tried a few things. The generated link includes the DSM port no matter what.

Drive it’s using RP address.
That’s interesting. Does it mean that I can generate a share link with no ports referenced? That’s what I’m after.
I want to end up with something like: shares.xyz.myds.com/Rd4j3lq
Where shares is what’s given to my RP.

Thanks
 

jeyare

Subscriber
1,876
623
WtF ... tested right now

- new sub domain prepared for this test ... files.domain.com (new DNS A host record)
- Control panel/Application portal/Application .. Edit of File Station:
Enable Customized Domain:
files.domain.com ... according the new A record
Enable HSTS

Evaluation:
1. Browser will open new domain. Correct
2. when you click into Share feature, it will still remains in general DSM domain (no port, as well)

Reverse proxy for File Station will give you chance use customized sub domain, but for Shared links it will generate just general DSM link.

But
when you generate the Shared link and you "manually" change the generated link with sub domain to your expected RP sub domain it works! Then there is just a error in Matrix with useful "custom" domain setup for File Station from DSM (Synology).
Sorry for my mystification, corrected now.
 
1,817
758
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
@Shadow and @jeyare, thank you for taking the time to test this.
I’ll need to do some domain additions and add it to the DS certificate to be able to use it. Looks like I have another weekend project :)

Thanks again.
 

jeyare

Subscriber
1,876
623
Last edited:
You welcome.
Just to be sure. This is valid for File station only. Drive is ok
 
76
19
NAS
DS916+
Operating system
  1. Windows
Mobile operating system
  1. Android
Hello all,

Excellent guide. I've just signed up to post a few questions, I hope someone can give me some guidance as I'm going round in circles.

I currently have a DDNS with No-IP, along with a Letsencrypt certificate and I'm able to connect to individual programs such as NextCloud, SAB and Sonarr when manually entering port numbers along with the DDNS url. When I read this guide regarding reverse proxy I dove in and managed to complete everything NAS side, however I'm having difficulties with No-IP and subdomains.

I would much prefer to have my own domain and not have to rely on a DDNS, maybe be a little more self contained.

My question or questions are;
1) If I purchase a domain name and host it using one of these low cost hosting sites, will that be the same as a DDNS in regards to typing in the website url and being correctly forwarded to the relevant app dependant on the subdomain I used?
2) If so, can anyone recommend a hosting site that allows you the full control necessary to setup reverse proxy and subdomains? I've heard that Flaunt7 might be the ticket.

I hope I'm making sense and I haven't completely missed the mark, this is all very new to me.

Many thanks.
 
76
19
NAS
DS916+
Operating system
  1. Windows
Mobile operating system
  1. Android
Apologies for a followup message, but No-IP have replied, stating;

"You cannot create fourth level sub domains on No-IP owned domains like ddns.net. Fourth level sub domains can only be created on a domain that you own/have personally registered, and that also has Plus Managed DNS."

From this, I guess buying and hosting my own domain is the way to go.
 

Rusty

Moderator
NAS Support
3,416
1,014
www.blackvoid.club
NAS
DS718+, DS918+, 2x RS3614RPxs+
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
1) If I purchase a domain name and host it using one of these low cost hosting sites, will that be the same as a DDNS in regards to typing in the website url and being correctly forwarded to the relevant app dependant on the subdomain I used?
Yes, after you configure your reverse proxy parameters for those apps/services

2) If so, can anyone recommend a hosting site that allows you the full control necessary to setup reverse proxy and subdomains?
Dreamhost comes to mind. Cloudflare as well.
 
Last edited:
GJ.
To bad that Synology Reverse Proxies cannot work on layer 4.. :(
I know this post is rather old, but.. Nginx can act as a reverse proxy AND as a tcp/udp loadbalancer, e.g. to balance TLS-Passthrough traffic (=not terminated in the reverse proxy) or any binary protocoll. Now that I know where custom configurations can be added, It is safe to say: it's possible. Though, domain specific configuration is only possible if the connection is wrapped in TLS (only then it will provide the required SNI information in the TLS extensions). This guy made a nice overview of the possible trickery :)
 
76
19
NAS
DS916+
Operating system
  1. Windows
Mobile operating system
  1. Android
Yes, after you configure your reverse proxy parameters for those apps/services


Dreamhost comes to mind. Cloudflare as well.

Hello,

Thank you kindly for replying. I'll headover to Dreamhost and Cloudflare now.
 
36
11
NAS
DS218+
Router
  1. RT2600ac
Operating system
  1. Linux
  2. Windows
Mobile operating system
  1. Android
WE WANT REVERSE PROXY ON SRM!!!
 
36
11
NAS
DS218+
Router
  1. RT2600ac
Operating system
  1. Linux
  2. Windows
Mobile operating system
  1. Android
Why? Can't you use the one on the NAS?
This is accurate,
I just want to consolidate all the routing to my rt2600ac router... Let the router dou the routing and the Nas the file stuff!
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Top