Domoticz

Not sure where to post and pretty sure I'm about to ask a dumb question, but I just can't figure it out and think I'm missing something..

How do I set the Domoticz Android app to connect with Domoticz running on my Synology NAS locally AND externally?
I do have a QuickConnect account for stuff like this, but the app only accepts an IP adress.
So I can only acces my switches when connected to my Wi-Fi at the moment.

Hello,

i'm note sure it's the better way, but it's quite safe : i connect to my synology over a vpn (openvpn with vpn server), then i can use all apps on it

You can do it with the External Access feature of Synology DSM. See screenshot below : I use Synology Dynamic DNS service to have a fixed WAN IP address like MYHOSTNAME.synology.me. Then I use this Fixed WAN IP address to access Domoticz from outside (externally)

Antori91 wrote: ↑Thursday 18 October 2018 9:35 You can do it with the External Access feature of Synology DSM. See screenshot below : I use Synology Dynamic DNS service to have a fixed WAN IP address like MYHOSTNAME.synology.me. Then I use this Fixed WAN IP address to access Domoticz from outside (externally)
Capture.JPG

Hi safe would you rate this option?

Jumper3126 wrote: ↑Thursday 18 October 2018 14:33

Antori91 wrote: ↑Thursday 18 October 2018 9:35 You can do it with the External Access feature of Synology DSM. See screenshot below : I use Synology Dynamic DNS service to have a fixed WAN IP address like MYHOSTNAME.synology.me. Then I use this Fixed WAN IP address to access Domoticz from outside (externally)
Capture.JPG

Hi safe would you rate this option?

From my experience (based at incoming connection log messages tracking), it is OK if you don't use usual standard Web port (locally you can use standard web port like 8084 but declare/use unusual port in your router NAT rule). With this simple rule, you don't see anymore weird connection coming from Russia or another countries.

Antori91 wrote: ↑Thursday 18 October 2018 15:20 it is OK if you don't use usual standard Web port (locally you can use standard web port like 8084 but declare/use unusual port in your router NAT rule). With this simple rule, you don't see anymore weird connection coming from Russia or another countries.

Keep on dreaming.
I can assure you that you want to put proper security measures inplace as the "special" port will be known at some point and they will keep on hacking it until they have access.
So you really need to implement HTTPS and and some sort of either VPN or Fail2Ban to limit the number of failing attempts to access it from the internet.

just my 2 cents.
Jos

I use VPN but for highly sensible data and services. My Domoticz server doesn't range (for me ) in this sensible category !

By the way:
- limit the number of login tries is a built-in feature of the Synology DSM Unix like,
- another built-in is a firewall with pre-built rules for example avoiding connection from one country or another and block the connection after a number of unsuccessful tries.

About https, where did you read that I don't use https? But may I ask you to explain how using https avoid to be hacked ? Because your web server use https, you think I can't connect to it and try to login. I'm not sure who is the dreamer