Synology external access - weird information



  • Short back story: New setup with existing hardware. Synology appliances rsyncing between main site and offsite at one of the partner's houses. New client had brought an appliance back onsite after firing a previous provider for not verifying backups and there was a disaster. After assessing things, their appliance hadn't synced for months. Delta copy was around 3TB. After a week of copying, I sent it offsite and have been verifying the sync weekly (things are healthy and performing very well). I am going to be redoing this offsite solution when the appliance ages out in the next couple years. Risk mitigation and overall sync performance has been assessed compared to cost of redoing things during all of this.

    I need to reach the appliance to be able to update the DSM firmware; ensuring both appliances are on the same firmware as well as just making sure software is generally up to date. I was looking up some tidbits on Synology external access as https://external:50XX using PAT to 5000 on the appliance is being setup using the owner's AiO edge appliance. Not using DDNS, there is a static IP on the resident's home for offsite backups. Can't reach the device, but the partner did set it up himself as he is a power user and it's tough to get him agree to let people do things for him, even though it actually costs less operationally to just let me get in and do it rather than provide details on what is needed. That aside...

    First forum I hit... does anyone else find some of the information in the comments very odd? ISP blocking port 80... Synology using too many ports to be able to do PAT... DMZ setup being in a AiO user manual, as if it is just a standard home configuration for every use case...

    https://forums.techguy.org/threads/solved-synology-nas-external-access.1100674/



  • The default port for DSM for HTTP is 5000 but for HTTPS it's 5001. Could that be the issue you're having?



  • @nashbrydges said in Synology external access - weird information:

    The default port for DSM for HTTP is 5000 but for HTTPS it's 5001. Could that be the issue you're having?

    I tried both HTTP and HTTPS, wondering if the port was the issue.



  • @nashbrydges said in Synology external access - weird information:

    The default port for DSM for HTTP is 5000 but for HTTPS it's 5001. Could that be the issue you're having?

    I'm wondering if the source and destination is backwards that they configured. I had to fix a rsync issue coming from (different port) translated to 22.



  • @bbigford I manage 3 separate Synology NAS units for clients, 2 with dynamic IPs and 1 with static IP and the requirements were essentially exactly the same for all 3. Ensure the correct port was directed to the device and DSM just worked. Wonder if your user has missed something.



  • @nashbrydges said in Synology external access - weird information:

    @bbigford I manage 3 separate Synology NAS units for clients, 2 with dynamic IPs and 1 with static IP and the requirements were essentially exactly the same for all 3. Ensure the correct port was directed to the device and DSM just worked. Wonder if your user has missed something.

    That's what I'm thinking. I responded a moment before you did with a previous conflict regarding proper PAT. If he would allow me to just log in and do it myself that would cost them less operationally. I typically follow up with reminder emails that if I'm left to do my work with proper access, it costs them less overall. Comes down to a trust issue; it is just going to take time to bust through their ego and allow me to do my job.


Log in to reply