DDNS WAN IpAddress with S2s VPN Present

Post your questions about myQNAPcloud service here.
Post Reply
jkingma
Getting the hang of things
Posts: 91
Joined: Wed Oct 21, 2015 2:15 am

DDNS WAN IpAddress with S2s VPN Present

Post by jkingma »

Hi
I have the following scenario:
  • a QNAP in my local network on port 8443 (to thwart at least the bots that attempt to connect to 443)
  • myQNAPcloud installed and DDNS enabled
  • on the router port forwarding 8443 to the LAN address of the QNAP
(Note: Having a different port for LAN and WAN confuses QSync on mobile devices enough that I spend removing and attaching the host everytime I moved network and quite a lot of time with QNAP
support to sort this out)

This works splendidly :-0 . The public IP Address is configured for the host-name and all mobile and remote devices and apps (QSYNC) can connect and are happy.

However as soon as I activate an OpenVPN tunnel the whole thing breaks down :( :
  • myQNAPcloud DDNS finds a new public ip address and configures it
  • All connections to the DDNS host-name time out
I assume the tunnel does not allow inbound connections on any or at least the 8443 port.

What does work is in the Qsync client (Android) instead of the host-name give the IP-Address. But I would have to change this on every device when my hoster decides to change my public IP.

What I tried is to set a static public IP address in myQNAPcloud GUI but it does not allow me. Probably because it attempts to connect to 443 instead of 8443.

Question: Is there a way to specify the public IP address on the console? Without having myQNAPcloud check connectivity?
QNAP TS-453mini
Firmware: up to date
dosborne
Experience counts
Posts: 1791
Joined: Tue May 29, 2018 3:02 am
Location: Ottawa, Ontario, Canada

Re: DDNS WAN IpAddress with S2s VPN Present

Post by dosborne »

jkingma wrote: Sat Aug 06, 2022 9:08 pm I have the following scenario:
  • on the router port forwarding 8443 to the LAN address of the QNAP
EXTREMELY dangerous to do that.
Read this: viewtopic.php?f=45&t=164797
jkingma wrote: Sat Aug 06, 2022 9:08 pm However as soon as I activate an OpenVPN tunnel the whole thing breaks down :( :
  • myQNAPcloud DDNS finds a new public ip address and configures it
  • All connections to the DDNS host-name time out
I assume the tunnel does not allow inbound connections on any or at least the 8443 port.
I'm confused, Are you trying to run 2 VPNs at the same time (QVPN and OpenVPN)? It all sounds like expected behaviour to me. Remotely, you connect through the VPN and once the tunnel is established, you use the local mappings to access the NAS. If you are trying to connect both with an outbound VPN and an inbound VPN at the same time, then that's a whole other issue. You are talking about the Admin GUI port being changed to 8443 but also using that port for the QVPN? Messing with the SSL port isn't going to doing anything for you from a security point of view if that is what you are trying to do.

I don't actually run anything related to QVPN as there have been too many security breaches.

The easiest, most secure, full access way to access any and all services running on your LAN from a remote location is to run the VPN server on your router. Your remote device is then just another node on your local network and everything is accessible as if you were at home.

But, before doing anything else, GET YOUR NAS OFF THE INTERNET through the port forwarding. Disable UPnP in your router and on the NAS while you are in there.

Rule #1 - Don't expose your NAS directly to the internet, particularly the Administration port.
Rule #2 - See Rule #1
QNAP TS-563-16G 5x10TB Seagate Ironwolf HDD Raid-5 NIC: 2x1GB 1x10GbE
QNAP TS-231P-US 2x18TB Seagate Exos HDD Raid-1
[Deadbolt and General Ransomware Detection, Prevention, Recovery & MORE]
Post Reply

Return to “myQNAPcloud service”