Hello,
I'm a bit tired and maybe someone can help me with this DNS issue. So basically, my goal is to have my NAS completely blocked off the internet. However, I'd like to have access to synology photos externally only. So, you can't actually access the Telesphoreo drive, just your home folder and only if you know the credentials.
However, I can't seem to get any domain name to resolve. I used to be able to type ad.telesphoreo.me and it would bring me to the NAS, but now it's not even recognizing it.
So at the moment you can type in 10.10.10.5 and that's the only way to actually access the NAS (locally / VPN). However, I'd like it to be cleaner so I can type in photos.telesphoreo.me and it'll redirect to synology photos.
This is what the main page looks like
And here's the synology photos login page
What this means is you should be able to access it from photos.telesphoreo.me or 10.10.10.5:25252 or 10.10.10.5/photos. Only the ones with the IP address work (port and alias work fine). I have no idea if this is because I'm running Active Directory on it as well and my DNS settings are messed up?
This is my computers DNS. 10.10.10.2 is my Pi hole and 10.10.10.5 is the NAS (DNS server) so it's clearly there
I can't even seem to ping ad.telesphoreo.me which is really weird considering it's domain joined to it...
These are some of the records in the DNS app which I think are relevant
This is what the resolution page looks like
Not sure this has any effect, but I've tried it with enable resolution service on and off and it didn't seem to change anything
And here's the domain in AD
Here's the network settings for the NAS itself
I wonder if it has to do with that the DNS is 127.0.0.1?
I also realized while I was making this post that at one point it was on the internal VLAN and had a 192.168.1.x IP address. I moved it to a different VLAN so now its at 10.10.10.5
Any ideas on how I can get external access / domain names working? My goal is to change the Synology photos url to something like eshjvitpow34ubp895w34uvmWU904UVM5W34QVDSJOV.telesphoreo.me and make a certificate for it so that its not something so easy like photos.telesphoreo.me
Obviously, security by obscurity isn't entirely the best, and what would be the most ideal is completely blocking administrators from logging in externally but I can't seem to do that on this NAS