Synology DDNS not work
-
Don't forget, if you are also running IPS / IDS or pfBlockerNG, keep an eye on the logs for what is preventing the NAS from accessing your own CDN network.
This will be clearly visible in the logs....(jahhh and it varies from country to country and region to region.
Synology tech support couldn’t even give me an IP range (for country CDN) when I first encountered this problem.)
-
Ok seems snort blocked my public IP.
I quit snort and now, as before, i can reach Nas typing https://name.synology.me/5001or http://name.synology.5000. If i try with name.synology.me give me error 403
-
This is not very good, if your Snort config have blocked the WAN public IP because it means it is misconfigured...
This parameter is important to Snort / Suricata (this setting does not allow blocking of WAN IP + gateways, DNS servers, etc.):
Yes, yes the DSM port (5000 or 5001) is also important in the connection header
-
Check, Snort parameters are on default for each two voices
-
What does the View List show?
and
-
No data here
-
Then this is exactly the problem with the basic configuration, you have to think through where you made a mistake during the installation.
Only based on these parameters does the firewall know who is inside and who is outside (and who shall not be harmed), so the entire firewall is malfunctioning. -
One problem is solved, the firewall in my modem was still active and blocked port 80
now i can connect to nas via web using name.synology.meAbout snort how i can solve the problem? Do you suggest to unistall and reinstall snort?
-
It may be a good start at first,
since IPS / IDS works based on $ HOME_NET and $ EXTERNAL_NET, as shown here, for example the structure of a rule is such:
but I suspect there are several problems with NGFW configuration, interfaces, DNS setup, etc
-
For security reasons only, external http (80) connections are not appropriate, especially for a NAS, use https, if you want to access the NAS remotely.
Or use Syno's built-in OpenVPN package for external access
