Since when is a reverse proxying related to routing?! An http reverse proxy acts on osi layer7, which already is the applicatin layer. How is that related to a device that usualy works on osi layer 1-4?!
understand that you wanna consolidate everything but reverse proxy is actually a server role and not so much a router role. Again saying that I do agree it would be an easy implementation in SRM as well but not sure we will see it anytime soonThis is accurate,
I just want to consolidate all the routing to my rt2600ac router... Let the router dou the routing and the Nas the file stuff!
From a home user view with one Internet IP then therefore one TCP port 80/443/etc then there is at least one good reason to do reverse proxy on the SRM router: VPN Plus' SSL-VPN can't be reverse proxied via the standard DSM method (not tried anything else, as the clients complain that the server they are connecting to aren't VPN Plus.
Now has more RAM but ethernet port, last I looked, is still limited to 100Mbps ... USB3/ethernet dongle may get better 300Mbps (?) but really it would be WiFi on 802.11ac.Maybe running an RP on an RPi device would be more of a solution here then pushing it in a device that has nothing to do with that feature in the 1st place.
I'm psychic and have tried it to see if it works! It doesn't.This is my #1 issue...
You are not up to date with the HW specs on the RPi are you ?
A limiting factor regarding SRM as reverse proxy is that the router support one certificate. Unless you've got a wildcard certificate then you'll soon run out of Subject Alternative Name characters (due to the 250-ish limit set by Synology) for all the proxies applications of Application Portal and Web Station.
Is there an advantage to separate certs, apart from the 155-character limit on the SAN entry?I've four LE certificates that are all for my personal domain but have a different comment name (so I can see which is which) and string of alternative names:
- Default certificate: most of the DSM server stuff inc. Drive server, CardDAV, WebDAV, Mail services, etc.
- Application Portal customised domains
- Reverse Proxy domain names
- Virtual Hosts in Web Station
It’s the SAN character limit. Once I’d exceeded on my default cert I decided to use a cert per functional area: providing growth plus easier to manage.Is there an advantage to separate certs, apart from the 155-character limit on the SAN entry?
Should I have separate certs for aaa.synology.me and bbb.ddns.net? Would that have some added flexibility?
If I'm on my LAN and enter:What does that mean exactly? Internally? While on LAN?