23-06-2018 09:32 PM - edited 24-06-2018 08:31 PM
I've just transferred from Virgin to Talk Talk. In the Virgin hub I was using this IP address 192.168.0.4, I had 3 entries under the Security port forwarding using port forwarding 80-80 for TCP, 63791-63791 for UDP and 125-125 for BOTH.
In the Sagemcom Fast 5364 in Manage Advance Settings > Access Control > Add rules manually, I face this image. What do I type in those boxes, what service and protocol do I select. As I am hosting a website in the Synology DS213+ box.
on 25-12-2020 01:49 PM
Glad to help.
on 24-12-2020 06:01 PM
Image you attached helped me a lot
* is external host solved my problem
I am using Remote desktop on win 10
I used following settings.
internal and external port both are set at 3389
internal host ....is ipv4 192.168.1.10
external host ........ just put *
protocol used TCP-UDP
service is other
worked like magic.
Thanks a lot
on 08-07-2018 07:01 PM
Your Synology box from what I understand is hosting the website:-
Therefore it has to be running as a webserver to do this. That is the webserver I refer to, all I can suggest is that you contact Synology for help on this, as this problem is nothing to do with your Wi-Fi hub.
on 08-07-2018 12:46 PM
Messages like these are down to the configuration of your webserver, which you need to fix. I can only suggest you contact the technical support offered by the webserver developers.
on 07-07-2018 11:13 PM
I managed to login to the wordpress.org version of my website, which is a plugin within the DSM from my iphone 5s using 4G. Before I logged in I did get this website is no secure in red at the top of the safari page, see image. I wouldn't though let me view the site I can see as a draft which can only be seen by me until I export to another folder and it then appears to the public as my website (next sentence).
However i can't access the website www.projectionpictures.com I get a 403 page and that's a page being generated by the DSM unit.
on 07-07-2018 10:01 PM
How are you trying to access them? You need to do this from another broadband or 3/4G. If you try to access them from a device on your local LAN, it will fail. This is classed as loopback traffic and your router will block it, as it is considered a security risk.
on 07-07-2018 07:40 PM
I used the port checker and found out that ports 53, 80, 5001, 5000, 443, 6690 are open to my laptop IP address.
However the website address address the wordpress page are still 'Page Cannot be displayed'.
I'm not sure what else I can do, as I'm rather puzzled by it. The synology interface doesn't have any alarm warnings that any setting is wrong, as that is what it normally does.
on 07-07-2018 01:14 PM
I would not recommend the use of a 3rd party tool to configure the router, what is wrong with doing it manually with a browser' it is not very difficult?
Are the ports open? Check one at a time with this site:-
on 07-07-2018 12:57 PM
So I've done what you've suggested. I used a tool in the DSM box called EZ wizard to create some port forwarding in the TalkTalk hub. Now the hub has actually recognised the device as DS213 but the EZWizard also changed the IP of the Synology/DSM box from 192.168.1.15 to 192.168.1.221 for reasons I don't understand.
I'm getting closer but not there yet.
on 06-07-2018 07:28 PM
Your port forwarding config is wrong. You should never put an entry in the external host field, unless you want to restrict it to one public IP address that you want to connect from.
If you were connected on the internet on a public IP address of say 220.127.116.11, if you put 18.104.22.168 in the external host field, then yes you would be able to connect. However, if the next time you were allocated 22.214.171.124, you would never be able to connect.
My recommendation is to always leave that field blank, but putting the router's IP address in there, just means that no one will ever be able to connect to your server.
on 06-07-2018 03:04 PM
If you want those ports open, use the port forwarding configuration rules.
on 06-07-2018 12:21 PM
I have now established port settings within the talktalk box (80, 443, 5000, 5001 all as TCP)which should be compatible with the output port setting in the synology box. The DDNS is setup. However the TalkTalk router does not appear in a long list of routers in the Control Panel > Set up Router > Detect Router information. Apparently the TalkTalk doesn't appear to have a compatible UPnP, even though there is one in the router. See attachment.
Sorry for the delay in getting back to you but I've been corresponding with Synology support as well, and the problem now appears to be with configure the talk talk router. When I type in www.projectionpictures.com. I get this long denied access web address from talk talk. (I can't paste in here as the box won't allow the characters in the reply).
on 25-06-2018 06:44 PM
So the synology unit is the device you are forwarding to as well as being the DDNS client, that is OK. How have you got on with testing the forwarding?
on 25-06-2018 03:04 PM
What do you mean by:-
Control Panel > External Access
on 25-06-2018 02:16 PM
You should also consider using a DDNS provider that is supported by the router to overcome the problem of public IP address changes.
I have already done this before. In the Control Panel > External Access there is this.
Service Provider: Synology
Ext IP: 82.35.145. 73
Not to sure if its setup as a static IP.
on 25-06-2018 11:00 AM
There is also an additional way to get to port forwarding that will pre-populate the Internal Host field for you.
Dashboard > My Devices
Click on the device that you wish to forward to.
Click on Port Forwarding
Click Add Rule
This will populate the Internal Host box of the Add Rule screen with that device's IP address.
You will need to create three separate rules, here is an example for TCP port 80:-
The other two can be done like this, changing:-
Custom Service Name: Port63791
External Port: 63791
Internal Port: 63791
Custom Service Name: Port125
External Port: 125
Internal Port: 125
You will need to setup a static IP address configured on the device where the ports are being forwarded to.
You should also consider using a DDNS provider that is supported by the router to overcome the problem of public IP address changes. I can help more with that if required.