2 NAS drives, second NAS keeps picking up security certificate from the first one

Firstly I love the YouTube videos. Particularly as I am a 10 year resident of Raleigh, NC :slight_smile:

I’m having a really curious issue.

I have 2 Synology NAS Drives, a DS418play and a DS923+.

Both have static IP’s.

I have opened up port forwarding on my UnifI controller to 5001, 80 & 443 and specified the Static IP for each NAS in the Port forwarding rules. (So 2 rules for 5001, 2 for 80 and 2 for 443 pointing to each static IP).

I have given each NAS their own Synology.me DDNS name and security certificate through Let’s Encrypt and set these up without issue and made it the default certificate on each NAS and disabled quick connect.

I checked Control Panel>Security>LetsEncryptySecurityCerificateName>settings and everything is selected to use the Let’s Encrypt Certificate on both NAS drives

I set up reverse proxy on each NAS and specified HTTPS, Synology.me ddns name & port 443) to forward to HTTPS, static IP address & Port 5001.I originally specified destination hostname as ‘localhost’ but thought this might be the issue so changed to the static IP for the NAS.

I can log in to the first NAS using DDNS with no issues.

However whenever I try to log in to the second NAS it is using the certificate from the first one (and warns me the second certificate name is being spoofed) and redirects me to the first NAS’s log in page.

I’ve quadruple checked everything but am clearly missing something.

Any thoughts?

The error in your setup is that you have the same DSM port (5001) in both NASs. Differentiate the ports and be smart to change both NASs and stop using 5000/5001 altogether.

Ah of course! That makes complete sense. Thank you, I will check that and will also update the ports, good advice!

No, no and no. The issue Paul referred to wrt port 5001, also applies to ports 80 and 443. You cannot forward a port to multiple LAN IPs. When a client connects to your public IP address on the desired port your router could not know to which NAS it was meant to forward the traffic. It cannot forward the traffic to more than one device, regardless of your “rule set”.