Secure file sharing with a Synology NAS reverse proxy

Question

I am trying to configure a Synology NAS for a small business, allowing secure transfer of files to clients. I opted to configure the NAS as a reverse proxy server, since I anticipate having to connect additional NASes to the network and I do not want to continue opening additional ports on the router for each NAS. Ports 80 and 443 are not available as they are forwarded to a different client on the network. Therefore, I opened a custom port on the router and forwarded it to the NAS (call it port xyz).

I configured a reverse proxy from the NAS to itself, which allows me to share files perfectly, with a link like https:// nas1.mydomain.com:xyz/sharing/randomcode.

However, this leaves the NAS login page open to the internet, at https:// nas1.mydomain.com:xyz. I feel this is pretty insecure, and I'd like to avoid it. Is there a better way to configure a reverse proxy for file sharing that bypasses this issue? Do I need to resign myself to port forwarding? Or should I consider QuickConnect? (I have the perception that the latter is insecure).

Answer 1

After some research, I found a definitive solution, in DSM 7.x, probably it's the same mechanical in DSM 6.x, in control panel, in the connectivity section, 'External Access', advanced menu, enter the 'Host name or static IP': enter your subdomain like this https://file.nas1.mydomain.com and the dedicated TCP port in the item 'DSM (https)' Then, when you created a new share, I will be of the form : https://file.nas1.mydomain.com/sharing/randomcode.

In the connection portal, in Applications menu, I configure File station like this : Personnal domain : file.nas1.mydomain.com