Now that you have your Synology NAS up and running, you should be able to access the web interface using its LAN IP (i.e. http://192.168.1.50/), or by using its NetBios name (i.e. http://diskstation/). What if you want to access it from outside of your home network? In a typical home network, the router is the gateway between the network inside your home, and the outside world: the Internet. The LAN IP is the device IP assigned by your router within your home network. The WAN IP is the outside address to your router. We can think about the IP address as the GPS coordinate for your home. But obviously it’s not what you use to tell your friends where you live. Instead, you give them a street address, which is likened to a canonical URL (i.e. dsm.yourdomain.com). But in the internet world, IP address is how each client ultimately finds each other, not through the canonical URL, which just gives your address a bit more context/meaning. There needs to be a mechanism to translate the canonical URL to its corresponding IP address. This is called a Domain Name System, or DNS.
When you’re in your browser trying to go to dsm.yourdomain.com, your browser actually doesn’t know where to go at this point. It will send a query (i.e. dsm.yourdomain.com) to the DNS server (unless you manually assign one the default from your ISP will be used). The DNS will look up from a table (resource record) the IP address (i.e. 123.456.78.9) for dsm.mydomain.com. After returning the IP address to your browser, the browser now knows the “address” of the requested page and your browser will connect to it via the IP address.
To get your very own domain name, you can start by visiting Google Domains, GoDaddy, or just Goole for “domain providers”. There are too many of these out there, I personally use Google Domains, which is what this tutorial focuses on. Pick a domain name that best describes your need or business, pay for it, and it becomes yours (technically you’re leasing it).
For those of us who do not have a static IP address, it doesn’t make sense to have to go to your domain configuration page to update it whenever it changes. For that matter, you probably won’t even know when your WAN IP changes because it happens in the background without your direct knowledge. Thanks to Dynamic DNS (DDNS) service, your DNS record can actually be dynamically updated. Synology Diskstation (NAS by Synology) allows you to configure DDNS right inside its web interface (DiskStation Manager, or DSM). Whenever the Diskstation detects a change in your IP, it will inform the DDNS provider to update it, all without your intervention. Synology Diskstation supports a number of DDNS providers, among which is Google Domains. If you don’t own a domain, you can still use one of the free domain names offered by Synology for your purchase of their NAS, but obviously the choice would be pretty limited (i.e. someone.diskstation.me, someone.synology.me, etc).
Using Synology domains
If you choose to use a free one from Synology, just make sure you log in (or register for free) to your Synology account on DSM and pick a host name that’s still available (i.e. someone.synology.me, or someone.diskstation.me, etc). Following this, you will be able to access your NAS using the new host name like someone.synology.me. More accurately, the new hostname will take you to the front door (WAN-side) of your router. You router will then determine which device on the LAN side (within your home network) will make the connection. This is done by setting up port forwarding, discussed later in this article.
Using Google Domain
If you have a domain by Google, you want to first create a Dynamic DNS synthetic record with a subdomain name of your choice. It is unfortunate that most domain providers do not allow you to use DDNS to update its root domain IP. I use “dsm” here because I want “dsm.mydomain.com” to take me to the DSM page (web interface for Synology NAS) whereas I want to reserve mydomain.com and www.mydomain.com to go point to my primary website. Use the credentials on the Google Domains page and enter it in the DDNS configuration page in DSM, then you’re done.
What we’ve done above will take you to the front door (WAN side of your router). Now we need to decide which door inside your house we should knock. This is called a port. When data is transmitted over the internet, other than the IP address, which tells you where the host is, the port tells you which door to open once you’re there.
A typical non-secured web traffic (http) uses port 80. The encrypted traffic (https) uses port 443. Synology DSM uses port 5000 for http, and 5001 for https. It might be beneficial to learn that when you enter an IP or URL in the browser without specifying the protocol (http vs https), http is the default protocol and port 80 does not need to be specified. If you start the url specifying https, even without specifying the port, 443 is used by default. In order to enable web traffic to be routed to the specified device (i.e. Synology NAS), you need to forward these ports to the internal IP of the NAS.
That’s it. You have learned how to use DDNS and portforwarding to enable you to access your NAS from the outside world. The next tutorial will be a lot more interesting as I will talk about how to set up customized domains to access the different services on the NAS. Stay tuned!