So I have a Synology NAS that I remotely connect to via the Quickconnect relay service, however I am unsure as to the security involved, feel it is slower to connect than a direct connection and if I want to run any of the backup options I require a domain name rather than a Quickconnect ID. I have a static public IP address with Zen, but need a domain name to get an SSL certificate (essential for security!) - I believe using the built-in synology.me DDNS subdomains do not work with a Let’s Encrypt certificate.
My questions are thus:
1) If I purchase a domain name, e.g. example.com, can I direct the subdomains to different public IP addresses? Such as site1.example.com to my home IP address, site2.example.com to my work IP address and so on? This way I can purchase 1 domain name but be able to connect multiple NAS boxes at different sites.
2) My home router, a Fritz!box 7530, employs DNS rebind protection, however I can make an exemption for my subdomain. Is this a massive security risk or is it relatively safe for this single exception? It would be a right pain to have to keep changing the login details in the apps depending on where I am.
3) If I can point a subdomain to my parents’ site (dynamic IP provider) to be able to backup their NAS, can I still obtain an SSL certificate even though I have to use a DDNS provider?
4) Is any of this sensible or is it just easier to stick with using Synology Quickconnect as I mainly use the iOS apps? (This may be outside the scope of this forum but I’ll ask anyway!)
I am obviously not massively clued up on the domain name stuff, so would appreciate any advice given!
My questions are thus:
1) If I purchase a domain name, e.g. example.com, can I direct the subdomains to different public IP addresses? Such as site1.example.com to my home IP address, site2.example.com to my work IP address and so on? This way I can purchase 1 domain name but be able to connect multiple NAS boxes at different sites.
2) My home router, a Fritz!box 7530, employs DNS rebind protection, however I can make an exemption for my subdomain. Is this a massive security risk or is it relatively safe for this single exception? It would be a right pain to have to keep changing the login details in the apps depending on where I am.
3) If I can point a subdomain to my parents’ site (dynamic IP provider) to be able to backup their NAS, can I still obtain an SSL certificate even though I have to use a DDNS provider?
4) Is any of this sensible or is it just easier to stick with using Synology Quickconnect as I mainly use the iOS apps? (This may be outside the scope of this forum but I’ll ask anyway!)
I am obviously not massively clued up on the domain name stuff, so would appreciate any advice given!