09-11-2016 01:42 AM - last edited a month ago
I hope folks with synology NAS find this useful.
I have a synology NAS, it's upnp implementation is terrible (external connectivity wizard) because they decided:
1) the upnp engine should not respond to router announcements
2) the upnp engine assumes once a port mapping has been made it won't be erased by the router
this is in direct conflic with upnp spec which means if you reboot your router (USG, Asus, whatever) the synology won't reopen the mapping or refresh it for days. It is possible to change refresh - but there is a better way - enable natpmp (note if you have upnp enabled on your USG then nat-pmp is already enabled).
It seems synology built natpmp int0 their units but never turned it on - here is how.
- ensure you already cofigure your synoogy with the router wizard in non password mode
- enable SSH access to the synology
- login with an SSH client
- navigate to /etc/portfoward
- use sudo vi router.conf to edit the file
- change the following lines in the file:
- leave all other lines as-in
I hope this helps someone - it makes using the external connectivity wizard in the synology pretty much bullet proof.
(note synology firmware updates may revert this - not always but sometimes)
Bonus tip if you don't like that and want to stick with upnp you can change the refresh by creating a file in the /etc/portforward folder called pfd.config with the contents reclaim="60" where rthe number IIRC is the time in seconds (but if that turns out to be minutes do sue me) - this was a change synology support once made on my box for me
Don't forget RTFM https://www.ubnt.com/downloads/guides/UniFi/UniFi_Controller_V5_UG.pdf it really is impressive documentation.
05-30-2017 05:45 AM - edited 05-30-2017 05:47 AM
Good information but how do you SSH into the router? Please provide that information. Do I use a Mac or PC to SSH into the router. Do you use Telnet or some other software? I didn't know you could SSH into the Synology router.
What do you mean by "ensure you already cofigure your synology with the router wizard in non password mode". Please explain this? I have an admin password setup on the router.
Again, please explain in detail the steps to SSH into the Synology router. You provide some instructions but you have to start at Step 1 which is how to SSH into the router.
05-30-2017 11:30 AM - edited 05-30-2017 11:31 AM
Or better, you just skip UPNP and all it's associated vulnerabilities and just map things out once and move on.
Still, nice job tracking it down. I wonder why they don't just do the same.
Having wifi problems? Take a look here first: https://help.ubnt.com/hc/en-us/articles/221029967-UniFi-Debugging-Intermittent-Connectivity-Issues-on-your-UAP
05-30-2017 11:35 AM
I have several Synology devices and I never used UPnP. It's much easier to just setup the portforwards that are needed, and those are very well documented.
05-30-2017 12:15 PM
The reason for my interest in this topic. I have the 2600ac. I use Back to My Mac to access my Mac at home. Both computers are on a wired connection. BTMM is very slow and there is a lot of delays. Most of the time, I give up because it is painfully slow. BTMM uses NAT-PMP and UPnP for it to successfully work and this allows my Mac to automatically forward the ports it requires for connectivity. I do have NAT and UPnP enabled but I am not sure if I have to manually enter any ports. I am not sure what port numbers are needed to be added so BTMM can work without any delays or slowness. I am aware of LogMe In, Teamviewer, and others. I don't want to pay for service that can do the same thing as BTMM.
This is why I am interested in getting NAT-PMP enabled or configure port forwarding to work.
05-30-2017 12:36 PM
I think you are confusing things here.
The original post is talking about a Synology NAS and changing settings in an Ubiquiti router.
This is not related to the Synology router, that runs a completely different OS.
I think you could better ask this on the Synology forum. The support there is pretty good too.
05-30-2017 12:57 PM - edited 05-30-2017 12:57 PM
Thanks for pointing that out. That makes sense. I am reading the OP and I thought he was talking about a Synology ROUTER.