Introduction
The Synology Diskstation NAS boxes are great. I have a DS1813+ that I use for my file storage and VMware virtual machines. They have a great function called QuickConnect that allows people to quickly and easily access they DiskStations from outside of their home network.
They even have a quick knowledge base tutorial on how to achieve this.
For this post though, I’ll be taking you though the steps to connect using your own domain name. There are a number of steps, and we’ll be going back and forth between different providers.
Requirements
For this to work, you will need a few things…
- Your own personal domain name to use. I’ll use nas.example.com in the screen shots and descriptions,
- A free (or paid) DDNS service provider
- Know how your router works, and how to perform port forwarding,
- Optional, but recommended, a SSL certificate for secure communications.
Domain Names
Despite this blogs title, using your own domain name is somewhat optional. You could just use a free Dynamic DNS service provider, and just leave it at that. We will be using one later on anyway. However if you do this, you can’t secure your connections with SSL, and security is important.
Domain names can be a personal thing. Some people have just one, some people have lots. Whatever you choose, make sure you can remember it. I use a UK domain name registrar called 123-reg.co.uk for all my domain name needs.
Once you have thought of a domain name and checked to see if it’s available, you can buy it. You can buy the domain for however long you think you need it (1 year, 2 years, etc). I have had one of my domains for over 10 years.!
Now that we have a domain, we can start to configure a few more things. Firstly, make sure any emails sent to this domain are forwarded to your own email address. This should be fairly easy, just set up a catch-all email redirect. We will come back to the domain settings later, as we need to configure a new DNS entry to point to a DDNS service provider.
DDNS Service Provider
We will need a service provider that the Synology can talk to automatically, so that when your external IP address changes (whenever you reboot your router), the domain name forwarding will continue to work.
How DDNS Works (very basic overview)
- The Synology DiskStation updates the DDNS service provider when an IP address change is detected,
- A client computer (you) requests a connection to your domain name,
- The domain name is forwarded to your DDNS service provider,
- The DDNS service provider returns to the client the IP given to it by the DiskStation,
- The client computer (you) connects to the DiskStation.
Service Providers
As you can see from the image below, there are a lot of service providers that Synology can automatically update. Pick one from the list that you feel comfortable with, and sign up for a free account – if they have one. The provider I use is NoIP.com. They have a free service, however, you need to renew the account every 30 days (by just clicking a link).
During the sign-up, you will be asked for a host name to use, I find it easier to use the domain name I registered above. Also, make sure you use a very strong password.

OK, we now have a domain, and a DDNS hostname. Go back to your domain name registrar and edit the DNS settings for it. For 123-reg, they have an advanced panel, this is most likely what you will need. You need to create a new DNS entry for your domain name. I called my sub-domain NAS, but you can use what you want. The DNS type for this is a CNAME. It will redirect to your DDNS service provider hostname.

This may will take between an hour and a day for any changes to replicate around the internet, so don’t worry if it doesn’t work straight away.
Port Forwarding
Before you start port forwarding, you will need a few things…
- The IP address you have assigned to your Synology DiskStation,
- The Port you use to connect to your DiskStation,
- The defaults are 5000 and 5001 for HTTP and HTTPS.
- I’ll be using the default of 5001 for the demo, but you really should change this port number – I’ll show you how later on. If you are going to use a different number, pick any number between 1024 and 65000. Remember it.
- Of course, the username/password for your router.!
Every home router is different, and some corporate ones require more than just a couple of steps. I’ll point you to a web site I used to use; be warned however, it has a lot of adverts – you are using an avert blocker right.!?
This is a link to an old router I used to have, a Netgear DG834. You can try to find your own router from their extensive list if you like. For more advanced routers you may need a few more steps. For the specific router I use, a Juniper NetScreen 5GT, there are quite a number of steps required, in different areas of the device.
The basic overview is to add a rule to your router/firewall that allows all traffic coming into your home on the specific port (5001), to be forwarded to your DiskStation, where, your DiskStation will handle it.
Obtaining a SSL Certificate
For all my SSL needs, I use the free Class 1 certificates from StartSSL. They are valid for one year, and can be easily renewed. Did I also mention they are free. No hidden charges, completely free.
You’ll need to signup for an account (I know, another one). You will then need to validate the domain name that you want to create a certificate for.

- From the Control Panel, click on the Validations Wizard,
- Choose Domain Name Validation,
- Enter the domain name your bought above,
- Click continue past the email selection page,
- This is why it was important earlier to make sure all emails are forwarded,
- Wait for an email from StartSSL to arrive. It will contain a verification code, enter it in the box provided,
- All done.
Once validated, you can now create a SSL certificate.
From the Control Panel, click on the Certificates Wizard,
- Choose Web Server SSL/TLS Certificate,
- Create a Key Password
- Make sure it’s a long one – use the maximum allowed
- Change the Keysize to 4096
- Make sure Secure Hash Algorithm is set to SHA2,
- Copy all the text, and save it as a plain text file in notepad. Call it SSL.KEY,
- This is your encrypted private key, do not give it to anyone,
- Select the domain you want to use this SSL certificate for, if you have more than one domain,
- Enter a sub domain of NAS, or whatever you used for the CNAME above,
- Click Continue past the message, then wait for an email from StartSSL (it could take a while, but it’s usually quick)
- While you wait for your certificate to be generated, go back to the Control Panel
- Select Decrypt Private Key from the menu,
- Paste in the encrypted private key from step 6 and the Key Password from step 3,
- When you click Decrypt, the key will be decrypted and presented to you
- Select all the text, and save it as DECRYPTED.KEY,
- This is you private key, do not give it to anyone.
- Once you get this email, go back to the StartSSL Control Panel and select Retrieve Certificate,
- Select the correct certificate from the drop down list (if you have more than one),
- Copy all the text, and save it as a plain text file in notepad. Call it SSL.CER,
- This is your certificate,
- All done.
Synology Configuration
We are almost done. We have a domain, with DDNS forwarding, and port forwarding (on a custom port). We just need to add the certificate to the DiskStation and optionally change the port numbers…
Enable DDNS Settings
- Open the Control Panel,
- Go to the External Access section,
- Select the DDNS tab,
- Click Add,
- Select the service provider you picked earlier (NoIP in my case),
- Enter the DDNS hostname,
- Enter your DDNS username and password,
- Click Test Connection to make sure everything is working fine.
- Select the Advanced tab,
- Enter your domain name in the Hostname or static IP field.
Enable HTTPS and Change Connection Port
Open the Control Panel,
- Go to the Network section,
- Select the DSM Settings tab,
- (Optional) Change the HTTPS port number to the one you picked earlier,
- Tick the Enable HTTPS connections tick box,
- Tick all the other options on this page too.
- Click OK,
Install SSL Certificate
Open the Control Panel,
- Go to the Security section,
- Select the Certificate tab,
- Click the Import Certificate button,
- Select the two files you created above,
- decrypted.key,
- ssl.cer,
- Once you click OK, the DSM should reload and connect you on a HTTPS connection.
Testing It All
You should now be able to connect to your Synology DiskStation via your newly bought domain name.