Installation Synology NAS + Synology Routeur + VLAN + VM

Installation
1

Hi,

I am slowly making my steps to build a proper infrastructure to then be able to make the most of the Smart home world.

I have already succeeded to install HA on a VM on a DS720+. Everything worked as expected. Went through a reverse proxy with associated DNS and certificate for external access, all good.
But this was all on one LAN network.

After quite a bit of reading I am convinced of the benefits of the VLAN management approach.
Plan is 3 VLANs for now:

image
image1023×598 29 KB

HA goes on the IoT obviously.
I can connect locally via browser when I am on the IoT Vlan, so I know it is running properly.
The issue is about external access, I try to use the same strategy as when everything was on the same network but it seem that when the NAS does the portforwarding rule to the routeur, it does it to the NAS IP address and not the VM

image
image1294×424 29.1 KB

If I try to log, I get a synology message that the page can’t be found.

As an additional check, if I move the VM to the main/primary network and reconfigure accordingly I can access it from outside.

Thanks!

2

A small addition I would like to do.

Even-though I can’t access the HA interface via browser or mobile app, I receive the mobile notifications with integrated information on sensor status.
Maybe this helps someone to better pin point the mistake.

3

So after a few hours of work.

I did an error where my primary network was “isolated”, this is specific to synology SRM. Both networks must not be isolated as it prevails to the firewall rules.

The second part missing was in the configuration.yaml with the reverse proxies.
The following must be mentionned:

  • IP of the NAS
  • IP of the VM
  • IP of the VM secondary (172.30.32.0/24)
  • IP of the VM secondary (172.30.232.0/24)

Hope that it can help someone