I have local WebDAV sync to my NAS working great, but would really like it to work when I’m offsite too.
Yes, I’ve read similar posts, but this is one of those things where I have to get the settings right on my router, etc. etc.
So, long shot, I’m wondering if anyone with just a bit more tech know-how would be willing to jump on a Zoom/Teams screen sharing call with me to walk through settings on my NAS, router and in DT with me, to get it all working? I know I’m asking a big favour, but I also know what a wonderful support network this forum is, so I thought it worth an ask!
Thanks in advance if there are any helpers out there!
First of all, you need to register with a DynDNS service so that you have a (pseudo) host name which is mapped to the IP address of your router. If you’re using a Synology or a QNAP machine, you can go for their respective DynDNS services. For the following, let’s assume that you have a DynDNS address mynas.dyndns.com. Once you’ve set the DynDNS up, get yourself a certificate for this host from Let’s Encrypt and install it on the NAS. How that is done, depends on the brand, so you should look for details on the Synology or QNAP site or the site of whatever NAS you’re using.
For the following, I’m assuming that your NAS has the local IP address 192.168.1.128.
There are two possibilities to access the NAS from the outside:
Port forwarding in your router. Easier to implement, but possibly less secure.
Via VPN in/to your router. More difficult to implement, very secure.
Port forwarding
Assuming that you have your WebDAV server running via HTTPS on port 1234, go to the admin page of your router, find the port forwarding section and add a forwarding rule from the outside port 1234 to port 1234 on 192.168.44.128.
Change the DT WebDAV sync settings so that the URL of your server is https://mynas.dyndns.com instead of https://192.168.44.128. Do not change anything else!. Sync should now continue as before. If not, check DT’s log window on the Mac.
VPN
How you set up a VPN to your local network depends on your router and/or your NAS. So, check your router’s or NAS’s documentation for that. If it can be done in the router, that might be easier.
Use mynas.dyndns.com to connect to the VPN from your Mac and/or or i*OS devices(s). Then you should be able to use the original WebDAV sync settings, ie those that use 192.168.44.128 in the URL.
Thanks, very helpful, this is a new approach to what I have read before, so I will try it. Your link didn’t appear to go to the correct page though – it took me to some AppleScript documentation?
A method I use to sync with my NAS (whether at home or away) is by using Tailscale (https://tailscale.com). There is a free level for personal use that fits my needs (it’s limited to 3 users and 100 devices). I’ll probably mangle this explanation but once set up it works well for me at least. Each device you want on your private tailscale network will need to run tailscale but then they all get their own “MagicDNS” address. On your Mac or phone it looks like you are running a VPN. You can connect using that address for WebDAV syncing (or anything else). My understanding is Tailscale will establish an encrypted peer-to-peer connection between your Mac (or phone or iPad) and the NAS for this. The nice part for me is that you also don’t have to worry about port forwarding/filtering on your router. For your NAS you do need to set up a couple of things to run Tailscale which can be a little fiddly if you aren’t used to such things like me. I could share the scripts I run for my Synology NAS if you want.
When away from home, there are a few caveats in my uses:
It’s only going to encrypt the individual tailscale device connections so if you are on a public wifi like a coffee shop, the other traffic isn’t protected. So I use a general VPN service which has a bypass feature where you can also run the tailscale connection. Alternatively there is a feature in tailscale where you can run one of your home devices (doesn’t have to be the NAS) as an “exit node” which will route all internet traffic through tailscale and your home devices (say if you were to browse the web or check email for instance). So that’s a way to keep everything encrypted.
Some public wifi will block the traffic. So far I’ve only had one location of this (one specific public library location but other locations I’ve used all work fine). I suspect that location could possibly block other means to do the syncing as well.
As I said, there are some issues with it, but I found it far easier (for me) to set up and use than other methods I tried. I have been very pleased with it.
If your router or your NAS permit setting up a VPN, that’s imo preferable over a third-party service. The latter will always record some data of yours.
Ok so I had just posted saying that it hadn’t worked, then lo and behold realised I simply hadn’t saved the port forwarding protocol in my router’s configuration.
So if it helps anyone else with a Synology NAS: a Let’s Encrypt certificate can be issued from the window where you edit your DDNS (under External Devices in Control Panel) – mine is greyed out in the screenshot because it’s after the certificate was issued:
The port forwarding rule in the router was relatively simple, once you know that you need to have WebDAV Server installed on your Synology – you’ll be entering the number that you have under ‘https’ (assuming you want to use that, not http):
There’s a bunch of other things to get one’s head around with this process so I’m sure this by no means covers it all, but I hope it helps some. I actually have yet to try it not on the local network, will do so now…fingers crossed.
