DSM6 - AllowConnect to serve a http-proxy for vpn- and ssh-clients

Questions about HTTP Access/Mods may go here
Forum rules
1) This is a user forum for Synology users to share experience/help out each other: if you need direct assistance from the Synology technical support team, please use the following form:


2) To avoid putting users' DiskStation at risk, please don't paste links to any patches provided by our Support team as we will systematically remove them. Our Support team will provide the correct patch for your DiskStation model.
User avatar
Posts: 100
Joined: Sat Feb 21, 2009 4:09 pm
Location: Switzerland

DSM6 - AllowConnect to serve a http-proxy for vpn- and ssh-clients

Postby Hathor27 » Mon Apr 18, 2016 9:56 pm

Dear Community,

with DSM 5.2 (and older) I could serve a http-proxy for external VPN- and SSH-Clients through a secure namebased access. The virtualhost config looked like below:

Code: Select all

<VirtualHost *:80>
  ServerName vp.myDomain.ch
  ServerAlias ip42.internalDomain.local
  DocumentRoot /var/services/web/bla/
  ## Only ever allow incoming HTTP CONNECT requests.
  ## Explicitly deny other request types like GET, POST, etc.
  ## This tells Apache to return a 403 Forbidden if this virtual
  ## host receives anything other than an HTTP CONNECT.
  RewriteEngine On
  RewriteRule ^/(.*)$ - [F,L]

  ## Setup proxying between vp.myDomain.ch:80 and ip42.internalDomain.local:1194
  ProxyRequests On
  ProxyBadHeader Ignore
  ProxyVia Full

  AllowCONNECT 1194  # here could also stay 22 for ssh

  ## IMPORTANT: By default, deny everyone.  If you don't do this
  ## others will be able to connect to port 1149 on any host.
  <Proxy *>
    Order deny,allow
    Deny from all

  ## Now, only allow CONNECT requests bound for ip42.internalDomain.local
  <ProxyMatch (ip42\.internalDomain\.local)>
    Order allow,deny
    Allow from all

  ## Logging, always a good idea.
  LogLevel warn
  #LogLevel debug
  ErrorLog /var/log/vpnserver-proxy_error_log
  CustomLog /var/log/vpnserver-proxy_request_log combined

I tried to do the same within DSM 6.0 but I can't get it run.
My personal config file is either ignored or even deleted (!) by restarting Webserver :cry:

Does anybody out there know how to solve this in DSM 6.0?
Best Regards

Hardware: DS107+/DS207+/DS109+/DS209+/DS409/DS211+/DS213j/DS214play/DS214+/DS215+/DS216play/DS416j/DS716+/DX513
Featured: WebAlizer/VPN/ReverseProxy/MailServer/Drive/DNS/DHCP/CMS/SSL/Subversion

Return to “HTTP/Apache Mods”

Who is online

Users browsing this forum: No registered users and 1 guest