Photo Station address without port number

Topics including remote access and management can go here, including port forwarding, telnet, ssh, and advanced network settings.
Forum rules
1) This is a user forum for Synology users to share experience/help out each other: if you need direct assistance from the Synology technical support team, please use the following form:
https://myds.synology.com/support/suppo ... p?lang=enu
2) To avoid putting users' DiskStation at risk, please don't paste links to any patches provided by our Support team as we will systematically remove them. Our Support team will provide the correct patch for your DiskStation model.
sanguinicus
I'm New!
I'm New!
Posts: 4
Joined: Fri Sep 29, 2017 11:24 am

Photo Station address without port number

Postby sanguinicus » Fri Sep 29, 2017 11:51 am

Hello all. Firstly I want to say thanks to all the extremely knowledgeable people here, if it weren't for lurking around these forums, I would not have gotten as far as I have with my DS so far :)

Short version: want to access photo Station on a custom port using a simple address "xyz.synology.me/photo" only through HTTPS.

I have a problem though. I want to be able to access Photo Station remotely using a simple address *without* the port number in the address. I want to access it simply on "xyz.synology.me/photo", then automatically redirect to HTTPS. I want to use a different port for Photo Station. I don't want to use port 80/443. I used Reverse Proxy to change these to 7881 in place of 80 for HTTP and 7882 in place of 443 HTTPS (configuration below for HTTP and HTTPS reverse proxy). And Photo Station is set up for the synology.me domain and the custom ports.

Basically what I want to achieve is not exposing common port 80/443 on the internet.

If I enter the plain "xyz.synology.me/photo" address, it doesn't work I get ERR_EMPTY_RESPONSE on Chrome. Curiously, if I enter "xyz.synology.me/photo:7881/photo" (that is, the HTTP port 7881 that *should* redirect to 80 in the router) I get ERR_INVALID_REDIRECT. I would have thought this would have automatically redirected to 7882. Now, if I enter "xyz.synology.me:7882/photo" (HTTPS port 7882, redirect to 443) works! It works out on the WAN and within my LAN.

Some extra info: i've got a working Synology.me domain and the DS has a certificate from Lets Encrypt (cert is working, green padlock "Secure"). I have disabled UPNP on the router so I've got custom ports forwarded for DSM dashboard and Download station. So my port forwards work, including the custom ports for Photo Station which redirect in the router: 7881 to 80 and 7882 to 443 on the DS. Verified using a port checker on the internet.

My Reverse Proxy setting are below:
For HTTP Port
Source Protocol: HTTP
Source Host name: xyz.synology.me
Source Port: 7881 (port i want to use for HTTP for Photo station out on the internet)
Destination Protocol: HTTP
Destination Host name: 10.1.1.3 (DS local IP)
Destination Port: 80

For HTTPS Port
Source Protocol: HTTPS
Source Host name: xyz.synology.me
Source Port: 7882 (port i want to redirect to for Photo station out on the internet when the plain address comes in)
Destination Protocol: HTTPS
Destination Host name: 10.1.1.3 (DS local IP)
Destination Port: 443

Can you help me out?
I have one idea why it might not be working: basically the web address is a regular http address so its trying to get on port 80 by default. Because i want to use a custom port, I've got no choice but to include the port number. is this correct? Is there a way around this? Router DNS server? This doesn't explain why the 7881 port isn't working (or seemingly not redirecting).
sanguinicus
I'm New!
I'm New!
Posts: 4
Joined: Fri Sep 29, 2017 11:24 am

Re: Photo Station address without port number

Postby sanguinicus » Wed Oct 11, 2017 3:11 am

Politely bumping.
I can't be the only user that wants this functionality? Is the only way to do this is to open port 80 on the internet side of the router? I'd rather not do that.
InetUID
Trainee
Trainee
Posts: 12
Joined: Sun Oct 17, 2010 4:06 pm

Re: Photo Station address without port number

Postby InetUID » Wed Oct 11, 2017 6:22 pm

The URL https://xyz.synology.me/photo is shorthand for https://xyz.synology.me:443/photo so you can't have the 'no port' URL without the DS listening on port 443.
sanguinicus
I'm New!
I'm New!
Posts: 4
Joined: Fri Sep 29, 2017 11:24 am

Re: Photo Station address without port number

Postby sanguinicus » Wed Oct 18, 2017 3:11 am

But I changed the port number for Photo Station. So it should be listening on the new port 7882. That port is being redirected to port 443 in the router also.

Or, you are saying https://xyz.synology.me:443/photo is "hardcoded" in Photo Station? So the only way a simple address of "xyz.synology.me/photo" would work would be to open port 80, redirect to 443? I don't want to expose either of these ports on the internet.

The way I think this should work is, the request is made to the router on 7882, the router directs this traffic to the DSM, the DSM uses the reverse proxy rules to redirect to port 443.

Maybe I didn't understand you correctly?
InetUID
Trainee
Trainee
Posts: 12
Joined: Sun Oct 17, 2010 4:06 pm

Re: Photo Station address without port number

Postby InetUID » Wed Oct 18, 2017 6:01 pm

http://xyz.synology.me/photo is shorthand for http://xyz.synology.me:80/photo (note http not https).
https://xyz.synology.me/photo is shorthand for https://xyz.synology.me:443/photo

To use either of these from the Internet your diskstation (or router if it is performing NAT) needs to listed on port 80 (for HTTP) or 443 (for HTTPS).

You appear to want to have https://xyz.synology.me/photo connect to port 7882 without specifying this in the URL - can't be done. Also http://xyz.synology.me/photo connecting to port 7881 won't work for the same reason.

You said in the initial post "Because i want to use a custom port, I've got no choice but to include the port number. is this correct?" - this is correct.
sanguinicus
I'm New!
I'm New!
Posts: 4
Joined: Fri Sep 29, 2017 11:24 am

Re: Photo Station address without port number

Postby sanguinicus » Thu Oct 19, 2017 2:20 am

Ok thanks for confirming that. Bit more clunky, but it'll have to do.

Return to “Remote Access and Network Management”

Who is online

Users browsing this forum: No registered users and 7 guests