Hosting a Synology Server is a fun DIY project that requires a lot of research before achieving safely and securely accessing your data from anywhere. The WAN IP changes as most people quickly discover about their home internet or small business internet. Right out of the gate, you will discover that DDNS (Dynamic Domain Name Service) simplifies connecting to your Synology NAS over the Internet by mapping a hostname to its IP address. For example, DDNS allows you to access your Synology NAS using a domain name (e.g., www.john.synology.me), with no need to remember an IP address (e.g. 172.16.254.1).
Yay DDNS, right?!?!
Not exactly. While many of us do enjoy the benefits of mapping of a dynamic IP over hopefully SSL encryption, there’s a daunting message for third party individuals who do not know if the server they are connected to is indeed a legitimate server or if their credentials are being compromised by some man in the middle attack.
What to do?!?!
We posted a blog on how to setup a third party SSL certificate but now we are about to square one because third party SSL certificates only work with your own domain not a DDNS service like https://YourName.synology.me
Change the A record IP address in DNS
You need to change the IP when your service provider WAN IP lease is up. This is not as complicated as it sounds. Many of us don’t have a WAN IP that changes all that often. My “dynamic” IP hasn’t changed for a good year. This means I can always connect to https://dsm.myfancydomainname.com and access my Synology DiskStation Manager with ease. Ie no scary message and no potential for a man in the middle attack. Go to https://whatismyip.com from the network where the Synology is located. Record the new IP address then go to your third party hosting the DNS manager.
Third Party DNS Manager – GoDaddy Example
In our example, we utilize GoDaddy to manage our domain MyFancyDomainName.com. We even figured out the shortcut link to go directly to the page that manages DNS when you login to GoDaddy. (See URL Below)
Replace MyFancyDomainName.com with your domain and make it a shortcut on the desktop for whenever the WAN IP changes on the network.
Third Pary DNS Manager – Cpanel Example
cPanel > Advanced DNS Zone Editor to view dsm.myfancydomainname.com A record
Address: x.x.x.x (fill in WAN IP here)
Hosting Synology server and dynamic DNS Summary
After deploying the certificate and maintaining the DNS record, you can confidently send out URLs to your DSM box without placing individuals in harms way. High fives to you!
ProTip! Make sure not only the DSM port is port forwarded but the SSL port of 443 is too.