{"id":16273,"date":"2025-05-28T12:12:40","date_gmt":"2025-05-28T10:12:40","guid":{"rendered":"https:\/\/www.beseit.net\/?p=16273"},"modified":"2025-08-07T19:13:35","modified_gmt":"2025-08-07T17:13:35","slug":"2-servidors-synolgy-amb-la-mateixa-ip-publica","status":"publish","type":"post","link":"https:\/\/www.beseit.net\/?p=16273","title":{"rendered":"?? 2 SERVIDORS SYNOLGY AMB LA MATEIXA IP P\u00daBLICA"},"content":{"rendered":"\n<h3 class=\"wp-block-heading\">? Problema:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Tens <strong>una sola IP p\u00fablica <\/strong>: <code>81.0.60.36<\/code><\/li>\n\n\n\n<li>Vols accedir a <strong>dos servidors diferents <\/strong>(NAS1 i NAS2)<\/li>\n\n\n\n<li>Ambdues m\u00e0quines tenen <strong>IPs internes (privades) <\/strong>:\n<ul class=\"wp-block-list\">\n<li>NAS1: <code>192.168.1.41<\/code><\/li>\n\n\n\n<li>NAS2: <code>192.168.1.49<\/code><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">1. <strong>LAN (Local Area Network)<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u00c9s la teva xarxa local dins de casa.<\/li>\n\n\n\n<li>Els dispositius connectats (com els dos NAS) tenen <strong>IPs privades <\/strong>com <code>192.168.x.x<\/code>.<\/li>\n\n\n\n<li>Nom\u00e9s es poden veure entre si dins de la xarxa local.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">2. <strong>WAN (Wide Area Network)<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u00c9s la connexi\u00f3 a Internet.<\/li>\n\n\n\n<li>El router rep una <strong>IP p\u00fablica <\/strong>assignada pel prove\u00efdor d&#8217;internet (<code>81.0.60.36<\/code> en el teu cas).<\/li>\n\n\n\n<li>Aquesta \u00e9s l\u2019\u00fanica adre\u00e7a visible des de fora.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3. <strong>Port Forwarding \/ Virtual Server<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u00c9s una regla al router que diu:&#8221;Si alg\u00fa truca al port X de la meva IP p\u00fablica, envia-ho a l\u2019equip Y de la meva xarxa local pel port Z&#8221;<\/li>\n<\/ul>\n\n\n\n<p>Exemple:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Quan entra: http:\/\/81.0.60.36:8080\n\u2192 El router ho reenvia a: http:\/\/192.168.1.49:80<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">?\ufe0f DETALL DE LA TEVA CONFIGURACI\u00d3 AL ROUTER<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Camp<\/th><th>Valor<\/th><th>Explicaci\u00f3<\/th><\/tr><\/thead><tbody><tr><td><strong>Name<\/strong><\/td><td>NAS2_HTTP<\/td><td>Nom identificatiu de la regla<\/td><\/tr><tr><td><strong>Protocol<\/strong><\/td><td>TCP<\/td><td>HTTP utilitza TCP, no UDP<\/td><\/tr><tr><td><strong>WAN Port Start\/End<\/strong><\/td><td>8080 \u2013 8080<\/td><td>Quin port escolta el router des de fora<\/td><\/tr><tr><td><strong>LAN Host<\/strong><\/td><td>192.168.1.49<\/td><td>Adre\u00e7a IP interna del segon NAS<\/td><\/tr><tr><td><strong>LAN Port<\/strong><\/td><td>80<\/td><td>A quin port escolta el servei web del NAS2<\/td><\/tr><tr><td><strong>Action<\/strong><\/td><td>Enabled<\/td><td>Regla activa<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? FLUX DE DADES: Com funciona pas a pas<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">1. Tu escrius aix\u00f2 des de fora:<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code><mark style=\"background-color:rgba(0, 0, 0, 0);color:#f11717\" class=\"has-inline-color\">http:\/\/81.0.60.36:8080\/0capsa_dic\/<\/mark>\n\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">2. La sol\u00b7licitud arriba al router:<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>El router rep la petici\u00f3 al port <code>8080<\/code><\/li>\n\n\n\n<li>Consulta les seves regles de <strong>port forwarding<\/strong><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3. Aplica la regla:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Reempla\u00e7a:\n<ul class=\"wp-block-list\">\n<li>IP p\u00fablica: <code>81.0.60.36:8080<\/code><\/li>\n\n\n\n<li>Per: <code>192.168.1.49:80<\/code><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4. Envia la sol\u00b7licitud al NAS2:<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>http:&#47;&#47;192.168.1.49:80\/0capsa_dic\/\nEl NAS2 rep la sol\u00b7licitud com si fos:\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">5. El NAS2 respon:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Processa la sol\u00b7licitud<\/li>\n\n\n\n<li>Retorna el contingut de <code>\/0capsa_dic\/<\/code> via el mateix cam\u00ed<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Comparativa: NAS Principal vs NAS Secundari<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Concepte<\/th><th>NAS Principal<\/th><th>NAS Secundari<\/th><\/tr><\/thead><tbody><tr><td>IP Local<\/td><td>192.168.1.41<\/td><td>192.168.1.49<\/td><\/tr><tr><td>Acc\u00e9s extern<\/td><td><a href=\"http:\/\/81.0.60.36\/\" target=\"_blank\" rel=\"noreferrer noopener\">http:\/\/81.0.60.36<\/a><\/td><td><a href=\"http:\/\/81.0.60.36:8080\/\" target=\"_blank\" rel=\"noreferrer noopener\">http:\/\/81.0.60.36:8080<\/a><\/td><\/tr><tr><td>Regla de port forwarding<\/td><td>80 \u2192 80<\/td><td>8080 \u2192 80<\/td><\/tr><tr><td>Protocol<\/td><td>TCP<\/td><td>TCP<\/td><\/tr><tr><td>\u00das<\/td><td>Acc\u00e9s principal<\/td><td>Segona funcionalitat o usuari<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Conceptes avan\u00e7ats relacionats<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">1. <strong>NAT Loopback \/ Hairpin NAT<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Si fas la prova <strong>des de dins la xarxa local <\/strong>amb <code>http:\/\/81.0.60.36:8080<\/code>, pot no funcionar.<\/li>\n\n\n\n<li>Aix\u00f2 passa perqu\u00e8 alguns routers no suporten tornar enrere el tr\u00e0fic (&#8220;loop&#8221;).<\/li>\n\n\n\n<li>Si vols que funcioni tamb\u00e9 localment, busca a la configuraci\u00f3 del router l\u2019opci\u00f3:<br><strong>&#8220;Enable NAT Loopback&#8221; o &#8220;Hairpin NAT&#8221;<\/strong><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2. <strong>DDNS (Dynamic DNS)<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Si vols evitar usar sempre la IP p\u00fablica (<code>81.0.60.36<\/code>), pots usar un nom DDNS:\n<ul class=\"wp-block-list\">\n<li>Ex: <code>mynas.synology.me<\/code><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Al DSM pots configurar-lo autom\u00e0ticament sota <strong>Control Panel &gt; External Access &gt; DDNS<\/strong><\/li>\n<\/ul>\n\n\n\n<p>Despr\u00e9s pots accedir a:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>NAS1: <code>http:\/\/mynas.synology.me<\/code><\/li>\n\n\n\n<li>NAS2: <code>http:\/\/mynas.synology.me:8080<\/code><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3. <strong>HTTPS + Ports Alternatius<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Si configuressis HTTPS:\n<ul class=\"wp-block-list\">\n<li>NAS1: <code>https:\/\/81.0.60.36<\/code> (port 443)<\/li>\n\n\n\n<li>NAS2: <code>https:\/\/81.0.60.36:8443<\/code> (port 8443)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>El proc\u00e9s seria exactament igual, canviant nom\u00e9s els ports.<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u2705 Resum visual del flux<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>Extern             Router            LAN\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500           \u2500\u2500\u2500\u2500\u2500\u2500\u2500           \u2500\u2500\u2500\u2500\u2500\u2500\u2500\nhttp:&#47;&#47;81.0.60.36:8080\n        \u2193\n&#91;Port Forwarding Rule]\nWAN Port: 8080 \u2192 LAN IP: 192.168.1.49 : Port 80\n        \u2193\nhttp:\/\/192.168.1.49:80\/0capsa_dic\/\n\n\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">? Proves recomanades<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Des de fora de casa (ex: m\u00f2bil en dades):<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Prova aquest UR<\/li>\n<\/ul>\n\n\n\n<p>http:\/\/81.0.60.36:8080<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Des de dins de casa:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Si no funciona, prova directament<\/li>\n\n\n\n<li><a href=\"http:\/\/192.168.1.49\/0capsa_dic\/\">http:\/\/192.168.1.49\/0capsa_dic\/<\/a><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/assets.alicdn.com\/g\/qwenweb\/qwen-webui-fe\/0.0.104\/static\/qwen_icon_light_84.png\" alt=\"profile\"\/><\/figure>\n\n\n\n<p><strong>Qwen3-235B-A22B<\/strong><\/p>\n\n\n\n<p>Perfecte! ?<br>Has configurat correctament el <strong>port forwarding <\/strong>al router per permetre l\u2019acc\u00e9s a un segon Synology (NAS2) des de l\u2019exterior, compartint la mateixa IP p\u00fablica (<code>81.0.60.36<\/code>) que el primer NAS.<\/p>\n\n\n\n<p>Ara et far\u00e9 una explicaci\u00f3 detallada del proc\u00e9s, amb conceptes clars com <strong>LAN <\/strong>, <strong>WAN <\/strong>, <strong>IP p\u00fabliques i privades <\/strong>, <strong>port forwarding <\/strong>, etc., aplicats al teu cas concret.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? CONTEXT GENERAL: 2 SERVIDORS SYNOLGY AMB LA MATEIXA IP P\u00daBLICA<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">? Problema:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Tens <strong>una sola IP p\u00fablica <\/strong>: <code>81.0.60.36<\/code><\/li>\n\n\n\n<li>Vols accedir a <strong>dos servidors diferents <\/strong>(NAS1 i NAS2)<\/li>\n\n\n\n<li>Ambdues m\u00e0quines tenen <strong>IPs internes (privades) <\/strong>:\n<ul class=\"wp-block-list\">\n<li>NAS1: <code>192.168.1.41<\/code><\/li>\n\n\n\n<li>NAS2: <code>192.168.1.49<\/code><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u2705 Soluci\u00f3:<\/h3>\n\n\n\n<p>Utilitzar diferents <strong>ports WAN <\/strong>per redirigir cap a cada servidor local (LAN).<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Conceptes b\u00e0sics<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">1. <strong>LAN (Local Area Network)<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u00c9s la teva xarxa local dins de casa.<\/li>\n\n\n\n<li>Els dispositius connectats (com els dos NAS) tenen <strong>IPs privades <\/strong>com <code>192.168.x.x<\/code>.<\/li>\n\n\n\n<li>Nom\u00e9s es poden veure entre si dins de la xarxa local.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2. <strong>WAN (Wide Area Network)<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u00c9s la connexi\u00f3 a Internet.<\/li>\n\n\n\n<li>El router rep una <strong>IP p\u00fablica <\/strong>assignada pel prove\u00efdor d&#8217;internet (<code>81.0.60.36<\/code> en el teu cas).<\/li>\n\n\n\n<li>Aquesta \u00e9s l\u2019\u00fanica adre\u00e7a visible des de fora.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3. <strong>Port Forwarding \/ Virtual Server<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u00c9s una regla al router que diu:&#8221;Si alg\u00fa truca al port X de la meva IP p\u00fablica, envia-ho a l\u2019equip Y de la meva xarxa local pel port Z&#8221;<\/li>\n<\/ul>\n\n\n\n<p>Exemple:<\/p>\n\n\n\n<p>1<\/p>\n\n\n\n<p>2<\/p>\n\n\n\n<p>Quan entra: http:\/\/81.0.60.36:8080<\/p>\n\n\n\n<p>\u2192 El router ho reenvia a: http:\/\/192.168.1.49:80<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">?\ufe0f DETALL DE LA TEVA CONFIGURACI\u00d3 AL ROUTER<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Camp<\/th><th>Valor<\/th><th>Explicaci\u00f3<\/th><\/tr><\/thead><tbody><tr><td><strong>Name<\/strong><\/td><td>NAS2_HTTP<\/td><td>Nom identificatiu de la regla<\/td><\/tr><tr><td><strong>Protocol<\/strong><\/td><td>TCP<\/td><td>HTTP utilitza TCP, no UDP<\/td><\/tr><tr><td><strong>WAN Port Start\/End<\/strong><\/td><td>8080 \u2013 8080<\/td><td>Quin port escolta el router des de fora<\/td><\/tr><tr><td><strong>LAN Host<\/strong><\/td><td>192.168.1.49<\/td><td>Adre\u00e7a IP interna del segon NAS<\/td><\/tr><tr><td><strong>LAN Port<\/strong><\/td><td>80<\/td><td>A quin port escolta el servei web del NAS2<\/td><\/tr><tr><td><strong>Action<\/strong><\/td><td>Enabled<\/td><td>Regla activa<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? FLUX DE DADES: Com funciona pas a pas<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">1. Tu escrius aix\u00f2 des de fora:<\/h3>\n\n\n\n<p>1<\/p>\n\n\n\n<p>http:\/\/81.0.60.36:8080\/0capsa_dic\/<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2. La sol\u00b7licitud arriba al router:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>El router rep la petici\u00f3 al port <code>8080<\/code><\/li>\n\n\n\n<li>Consulta les seves regles de <strong>port forwarding<\/strong><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3. Aplica la regla:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Reempla\u00e7a:\n<ul class=\"wp-block-list\">\n<li>IP p\u00fablica: <code>81.0.60.36:8080<\/code><\/li>\n\n\n\n<li>Per: <code>192.168.1.49:80<\/code><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4. Envia la sol\u00b7licitud al NAS2:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>El NAS2 rep la sol\u00b7licitud com si fos:1http:\/\/192.168.1.49:80\/0capsa_dic\/<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5. El NAS2 respon:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Processa la sol\u00b7licitud<\/li>\n\n\n\n<li>Retorna el contingut de <code>\/0capsa_dic\/<\/code> via el mateix cam\u00ed<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Comparativa: NAS Principal vs NAS Secundari<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Concepte<\/th><th>NAS Principal<\/th><th>NAS Secundari<\/th><\/tr><\/thead><tbody><tr><td>IP Local<\/td><td>192.168.1.41<\/td><td>192.168.1.49<\/td><\/tr><tr><td>Acc\u00e9s extern<\/td><td><a href=\"http:\/\/81.0.60.36\/\" target=\"_blank\" rel=\"noreferrer noopener\">http:\/\/81.0.60.36<\/a><\/td><td><a href=\"http:\/\/81.0.60.36:8080\/\" target=\"_blank\" rel=\"noreferrer noopener\">http:\/\/81.0.60.36:8080<\/a><\/td><\/tr><tr><td>Regla de port forwarding<\/td><td>80 \u2192 80<\/td><td>8080 \u2192 80<\/td><\/tr><tr><td>Protocol<\/td><td>TCP<\/td><td>TCP<\/td><\/tr><tr><td>\u00das<\/td><td>Acc\u00e9s principal<\/td><td>Segona funcionalitat o usuari<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Conceptes avan\u00e7ats relacionats<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">1. <strong>NAT Loopback \/ Hairpin NAT<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Si fas la prova <strong>des de dins la xarxa local <\/strong>amb <code>http:\/\/81.0.60.36:8080<\/code>, pot no funcionar.<\/li>\n\n\n\n<li>Aix\u00f2 passa perqu\u00e8 alguns routers no suporten tornar enrere el tr\u00e0fic (&#8220;loop&#8221;).<\/li>\n\n\n\n<li>Si vols que funcioni tamb\u00e9 localment, busca a la configuraci\u00f3 del router l\u2019opci\u00f3:<br><strong>&#8220;Enable NAT Loopback&#8221; o &#8220;Hairpin NAT&#8221;<\/strong><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2. <strong>DDNS (Dynamic DNS)<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Si vols evitar usar sempre la IP p\u00fablica (<code>81.0.60.36<\/code>), pots usar un nom DDNS:\n<ul class=\"wp-block-list\">\n<li>Ex: <code>mynas.synology.me<\/code><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Al DSM pots configurar-lo autom\u00e0ticament sota <strong>Control Panel &gt; External Access &gt; DDNS<\/strong><\/li>\n<\/ul>\n\n\n\n<p>Despr\u00e9s pots accedir a:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>NAS1: <code>http:\/\/mynas.synology.me<\/code><\/li>\n\n\n\n<li>NAS2: <code>http:\/\/mynas.synology.me:8080<\/code><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3. <strong>HTTPS + Ports Alternatius<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Si configuressis HTTPS:\n<ul class=\"wp-block-list\">\n<li>NAS1: <code>https:\/\/81.0.60.36<\/code> (port 443)<\/li>\n\n\n\n<li>NAS2: <code>https:\/\/81.0.60.36:8443<\/code> (port 8443)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>El proc\u00e9s seria exactament igual, canviant nom\u00e9s els ports.<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u2705 Resum visual del flux<\/h2>\n\n\n\n<p>1<\/p>\n\n\n\n<p>2<\/p>\n\n\n\n<p>3<\/p>\n\n\n\n<p>4<\/p>\n\n\n\n<p>5<\/p>\n\n\n\n<p>6<\/p>\n\n\n\n<p>7<\/p>\n\n\n\n<p>8<\/p>\n\n\n\n<p>Extern Router LAN<\/p>\n\n\n\n<p>\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500<\/p>\n\n\n\n<p>http:\/\/81.0.60.36:8080<\/p>\n\n\n\n<p>\u2193<\/p>\n\n\n\n<p>[Port Forwarding Rule]<\/p>\n\n\n\n<p>WAN Port: 8080 \u2192 LAN IP: 192.168.1.49 : Port 80<\/p>\n\n\n\n<p>\u2193<\/p>\n\n\n\n<p>http:\/\/192.168.1.49:80\/0capsa_dic\/<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Proves recomanades<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Des de fora de casa (ex: m\u00f2bil en dades):<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Prova aquest URL:1http:\/\/81.0.60.36:8080\/0capsa_dic\/<\/li>\n\n\n\n<li>Hauries de veure el contingut correctament.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Des de dins de casa:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Si no funciona, prova directament:1http:\/\/192.168.1.49\/0capsa_dic\/Per assegurar-te que el servidor web est\u00e0 actiu.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Conclusi\u00f3<\/h2>\n\n\n\n<p>\u2705 Has configurat correctament el <strong>port forwarding <\/strong>per permetre accedir a dos servidors diferents (NAS1 i NAS2) mitjan\u00e7ant la <strong>mateixa IP p\u00fablica <\/strong>.<\/p>\n\n\n\n<p>? Utilitzes diferents ports (<code>80<\/code> i <code>8080<\/code>) per separar el tr\u00e0fic<br>? El router fa de traductor entre el m\u00f3n exterior (Internet) i la teva xarxa local (LAN)<br>? No cal canviar res als Synology, ja que escolten pel port 80 i el router fa la traducci\u00f3<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>Si vols, puc preparar-te un esquema gr\u00e0fic o fer una guia pas a pas per configurar el mateix amb <strong>HTTPS <\/strong>(ports 443 i 8443), o fins i tot per gestionar aix\u00f2 amb <strong>subdominis <\/strong>i un <strong>reverse proxy <\/strong>.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>Perfecte! ?<br>Ara que ja hem configurat <strong>HTTP amb dos Synology compartint la mateixa IP p\u00fablica<\/strong>, podem fer el mateix per\u00f2 amb <strong>HTTPS (encriptat)<\/strong>. Aix\u00f2 et permetr\u00e0 accedir als dos NAS de manera segura, com:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>NAS1: <code>https:\/\/81.0.60.36<\/code><\/li>\n\n\n\n<li>NAS2: <code>https:\/\/81.0.60.36:8443<\/code><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Configuraci\u00f3 HTTPS per a 2 Synology amb una sola IP p\u00fablica<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">? Objectiu:<\/h3>\n\n\n\n<p>Configurar els ports i regles al router perqu\u00e8:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>El primer Synology respongui a <code>https:\/\/81.0.60.36<\/code> pel port <strong>443<\/strong><\/li>\n\n\n\n<li>El segon Synology respongui a <code>https:\/\/81.0.60.36:8443<\/code> pel port <strong>8443<\/strong><\/li>\n<\/ul>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>Igual que abans, farem servir <strong>port forwarding<\/strong> per redirigir diferents ports WAN cap a cada servidor local.<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u2705 Configuraci\u00f3 pas a pas<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">? PAS 1: Activa el servei HTTPS als dos Synology<\/h3>\n\n\n\n<p>V\u00e9s a:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>DSM &gt; Control Panel &gt; Terminal &amp; SNMP<\/code><\/pre>\n\n\n\n<p>Assegura\u2019t que tens:<\/p>\n\n\n\n<p>\u2705 <strong>Enable HTTPS service on port 443<\/strong><br>(els dos NAS han d\u2019escoltar pel port 443)<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>No canvi\u00efs aquest valor al DSM. Deixa\u2019l en 443.<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">? PAS 2: Configura les regles al router<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">? Regla per al NAS1 \u2013 HTTPS<\/h4>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Camp<\/th><th>Valor<\/th><\/tr><\/thead><tbody><tr><td>Name<\/td><td>NAS1_HTTPS<\/td><\/tr><tr><td>Protocol<\/td><td>TCP<\/td><\/tr><tr><td>WAN Port Start\/End<\/td><td><code>443 - 443<\/code><\/td><\/tr><tr><td>LAN IP Address<\/td><td><code>192.168.1.41<\/code><\/td><\/tr><tr><td>LAN Port<\/td><td><code>443<\/code><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\">? Regla per al NAS2 \u2013 HTTPS<\/h4>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Camp<\/th><th>Valor<\/th><\/tr><\/thead><tbody><tr><td>Name<\/td><td>NAS2_HTTPS<\/td><\/tr><tr><td>Protocol<\/td><td>TCP<\/td><\/tr><tr><td>WAN Port Start\/End<\/td><td><code>8443 - 8443<\/code><\/td><\/tr><tr><td>LAN IP Address<\/td><td><code>192.168.1.49<\/code><\/td><\/tr><tr><td>LAN Port<\/td><td><code>443<\/code><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Flux de dades amb HTTPS<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>Extern                         Router                      LAN\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500                \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500                 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nhttps:&#47;&#47;81.0.60.36:443\n         \u2193\n&#91;Port Forwarding Rule]\nWAN Port: 443 \u2192 LAN IP: 192.168.1.41 : Port 443\n         \u2193\nhttps:\/\/192.168.1.41:443<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>Extern                           Router                      LAN\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500              \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500                 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nhttps:&#47;&#47;81.0.60.36:8443\n         \u2193\n&#91;Port Forwarding Rule]\nWAN Port: 8443 \u2192 LAN IP: 192.168.1.49 : Port 443\n         \u2193\nhttps:\/\/192.168.1.49:443<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Proves recomanades<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Des de fora de casa:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Prova aquest URLs:<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>  https:&#47;&#47;81.0.60.36\n  https:\/\/81.0.60.36:8443<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Si tens DDNS:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Exemple amb <code>mynas.synology.me<\/code>:<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>  https:&#47;&#47;mynas.synology.me\n  https:\/\/mynas.synology.me:8443<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u26a0\ufe0f Errors comuns i solucions<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Problema<\/th><th>Possible causa<\/th><th>Soluci\u00f3<\/th><\/tr><\/thead><tbody><tr><td>No carrega<\/td><td>Port no obert al router<\/td><td>Revisa la regla de port forwarding<\/td><\/tr><tr><td>Certificat d\u2019error<\/td><td>Certificat autofirmat<\/td><td>Instal\u00b7la un certificat v\u00e0lid o accepta&#8217;l manualment<\/td><\/tr><tr><td>Acc\u00e9s nom\u00e9s funciona localment<\/td><td>Falta NAT Loopback<\/td><td>Activa &#8220;Hairpin NAT&#8221; al router<\/td><\/tr><tr><td>Carrega el NAS1 quan entres al NAS2<\/td><td>Conflicte de ports<\/td><td>Assegura&#8217;t que no hi ha duplicats<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? BONUS: Usar subdominis i Reverse Proxy (opcional avan\u00e7at)<\/h2>\n\n\n\n<p>Si vols accedir-hi amb noms nets com:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>nas1.elmeunom.cat<\/code><\/li>\n\n\n\n<li><code>nas2.elmeunom.cat<\/code><\/li>\n<\/ul>\n\n\n\n<p>Pots usar el <strong>Reverse Proxy del DSM<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Com?<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Tens un domini propi (ex: <code>elmeunom.cat<\/code>)<\/li>\n\n\n\n<li>Apuntes <code>A Record<\/code> del domini a la teva IP p\u00fablica (<code>81.0.60.36<\/code>)<\/li>\n\n\n\n<li>Al DSM principal (NAS1), actives:<\/li>\n<\/ol>\n\n\n\n<pre class=\"wp-block-code\"><code>   DSM &gt; Portal Web &gt; Reverse Proxy<\/code><\/pre>\n\n\n\n<ol start=\"4\" class=\"wp-block-list\">\n<li>Crees una regla que diu:<\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Quan alg\u00fa entra a <code>nas2.elmeunom.cat<\/code> \u2192 reenvia a <code>https:\/\/192.168.1.49<\/code><\/li>\n<\/ul>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>Aix\u00ed pots gestionar molts servidors amb un sol port (ex: tot pel port 443) i m\u00faltiples dominis.<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? En resum<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Servei<\/th><th>URL<\/th><th>Port WAN<\/th><th>Port LAN<\/th><th>Destinaci\u00f3<\/th><\/tr><\/thead><tbody><tr><td>NAS1 HTTP<\/td><td>http:\/\/81.0.60.36<\/td><td>80<\/td><td>80<\/td><td>192.168.1.41<\/td><\/tr><tr><td>NAS2 HTTP<\/td><td>http:\/\/81.0.60.36:8080<\/td><td>8080<\/td><td>80<\/td><td>192.168.1.49<\/td><\/tr><tr><td>NAS1 HTTPS<\/td><td>https:\/\/81.0.60.36<\/td><td>443<\/td><td>443<\/td><td>192.168.1.41<\/td><\/tr><tr><td>NAS2 HTTPS<\/td><td>https:\/\/81.0.60.36:8443<\/td><td>8443<\/td><td>443<\/td><td>192.168.1.49<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>Si vols, puc preparar-te un esquema visual o guia pas a pas per instal\u00b7lar certs SSL autom\u00e0tics amb <strong>Let&#8217;s Encrypt<\/strong>, o fins i tot configurar el <strong>reverse proxy<\/strong> per evitar usar ports extra.<\/p>\n\n\n\n<p>Perfecte! ?<br>Ara que tens configurat <strong>l\u2019acc\u00e9s HTTP i HTTPS als dos Synology<\/strong> compartint la mateixa IP p\u00fablica (<code>81.0.60.36<\/code>), pots fer un pas m\u00e9s endavant i <strong>utilitzar certificats SSL v\u00e0lids (Let\u2019s Encrypt)<\/strong> per accedir als dos NAS de manera segura, sense avisos d\u2019inseguretat al navegador.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">?\ufe0f Objectiu<\/h2>\n\n\n\n<p>Configurar <strong>certificats SSL amb Let&#8217;s Encrypt<\/strong> per a:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>NAS1: <code>https:\/\/nas1.elmeunom.cat<\/code><\/li>\n\n\n\n<li>NAS2: <code>https:\/\/nas2.elmeunom.cat<\/code><\/li>\n<\/ul>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>Amb un sol domini propi i subdominis, pots gestionar certs per a tots els servidors!<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">? PAS A PAS: CONFIGURACI\u00d3 DE CERTIFICATS SSL PER A 2 SYNOLGY AMB UNA SOLA IP<\/h1>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u2705 Requisits previs<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Requisit<\/th><th>Est\u00e0 preparat?<\/th><\/tr><\/thead><tbody><tr><td>Domini propi (ex: <code>elmeunom.cat<\/code>)<\/td><td>\u2705 \/ \u274c<\/td><\/tr><tr><td>Subdominis apuntant a la IP p\u00fablica (<code>A Record<\/code>)<\/td><td>\u2705 \/ \u274c<\/td><\/tr><tr><td>Port 443 obert al router (per Let&#8217;s Encrypt)<\/td><td>\u2705 \/ \u274c<\/td><\/tr><tr><td>Synology DSM actualitzat<\/td><td>\u2705 \/ \u274c<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? PAS 1: Apunta el teu domini cap a la IP p\u00fablica<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Exemple:<\/h3>\n\n\n\n<p>Tens un domini: <code>elmeunom.cat<\/code><\/p>\n\n\n\n<p>Crea aquests <strong>registres DNS<\/strong> tipus <code>A<\/code>:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Subdomini<\/th><th>Adre\u00e7a IP<\/th><\/tr><\/thead><tbody><tr><td>nas1.elmeunom.cat<\/td><td>81.0.60.36<\/td><\/tr><tr><td>nas2.elmeunom.cat<\/td><td>81.0.60.36<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>Aix\u00f2 es fa des del panell d\u2019administraci\u00f3 del registador de dominis (ex: GoDaddy, Namecheap, IONOS\u2026)<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? PAS 2: Configura un <strong>Reverse Proxy<\/strong> al NAS principal<\/h2>\n\n\n\n<p>El <strong>Reverse Proxy<\/strong> et permet gestionar m\u00faltiples dominis i redirigir-los a diferents serveis o NAS, encara que estiguin dins de la xarxa local.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Com es fa?<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">1. Al NAS1 (principal):<\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>DSM &gt; Portal Web &gt; Reverse Proxy<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">2. Crea una regla nova:<\/h4>\n\n\n\n<h5 class=\"wp-block-heading\">Per a <code>nas1.elmeunom.cat<\/code>:<\/h5>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Camp<\/th><th>Valor<\/th><\/tr><\/thead><tbody><tr><td>Descripci\u00f3<\/td><td>NAS1<\/td><\/tr><tr><td>Protocol<\/td><td>HTTPS<\/td><\/tr><tr><td>Domini<\/td><td><code>nas1.elmeunom.cat<\/code><\/td><\/tr><tr><td>Port 443<\/td><td>\u2705 Activat<\/td><\/tr><tr><td>Dest\u00ed<\/td><td><code>https:\/\/192.168.1.41<\/code><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h5 class=\"wp-block-heading\">Per a <code>nas2.elmeunom.cat<\/code>:<\/h5>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Camp<\/th><th>Valor<\/th><\/tr><\/thead><tbody><tr><td>Descripci\u00f3<\/td><td>NAS2<\/td><\/tr><tr><td>Protocol<\/td><td>HTTPS<\/td><\/tr><tr><td>Domini<\/td><td><code>nas2.elmeunom.cat<\/code><\/td><\/tr><tr><td>Port 443<\/td><td>\u2705 Activat<\/td><\/tr><tr><td>Dest\u00ed<\/td><td><code>https:\/\/192.168.1.49<\/code><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? PAS 3: Obre el port 443 al router<\/h2>\n\n\n\n<p>Perqu\u00e8 Let&#8217;s Encrypt pugui verificar el teu domini, has d&#8217;obrir el port <strong>443<\/strong> al router i redirigir-lo al <strong>NAS principal<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Regla al router:<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Camp<\/th><th>Valor<\/th><\/tr><\/thead><tbody><tr><td>Name<\/td><td>DSM_HTTPS<\/td><\/tr><tr><td>Protocol<\/td><td>TCP<\/td><\/tr><tr><td>WAN Port Start\/End<\/td><td><code>443 - 443<\/code><\/td><\/tr><tr><td>LAN IP Address<\/td><td><code>192.168.1.41<\/code><\/td><\/tr><tr><td>LAN Port<\/td><td><code>443<\/code><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? PAS 4: Sol\u00b7licita certificats SSL amb Let&#8217;s Encrypt<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Al NAS1:<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>DSM &gt; Portal Web &gt; Certificats SSL &gt; Add &gt; Obtain a new certificate<\/code><\/pre>\n\n\n\n<p>Tria:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u2705 <strong>DNS validation<\/strong> (si el domini no apunta directament al NAS)<\/li>\n\n\n\n<li>\u2705 <strong>HTTP validation<\/strong> (si el port 443 est\u00e0 ben configurat)<\/li>\n<\/ul>\n\n\n\n<p>Despr\u00e9s de validar, selecciona els dominis:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>nas1.elmeunom.cat<\/code><\/li>\n\n\n\n<li><code>nas2.elmeunom.cat<\/code><\/li>\n<\/ul>\n\n\n\n<p>Assigna certs als serveis corresponents:<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Assigna certs als Reverse Proxies:<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>V\u00e9s a <code>Portal Web &gt; Reverse Proxy &gt; Edit &gt; Certificate<\/code><\/li>\n\n\n\n<li>Aplica el certificat a cada regla:<\/li>\n\n\n\n<li><code>nas1.elmeunom.cat<\/code> \u2192 certificat per <code>nas1<\/code><\/li>\n\n\n\n<li><code>nas2.elmeunom.cat<\/code> \u2192 certificat per <code>nas2<\/code><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Resultat final<\/h2>\n\n\n\n<p>Un cop fet tot aix\u00f2:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>URL<\/th><th>Servei<\/th><th>Certificat<\/th><th>Funciona?<\/th><\/tr><\/thead><tbody><tr><td>https:\/\/nas1.elmeunom.cat<\/td><td>NAS1<\/td><td>\u2705 Let&#8217;s Encrypt<\/td><td>S\u00ed<\/td><\/tr><tr><td>https:\/\/nas2.elmeunom.cat<\/td><td>NAS2<\/td><td>\u2705 Let&#8217;s Encrypt<\/td><td>S\u00ed<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? BONUS: Auto-renovaci\u00f3 del certificat<\/h2>\n\n\n\n<p>Let&#8217;s Encrypt d\u00f3na certs <strong>gratu\u00efts per\u00f2 temporals (90 dies)<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Si has usat <strong>HTTP validation<\/strong>:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>El sistema renovar\u00e0 autom\u00e0ticament el certificat cada 90 dies.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Si has usat <strong>DNS validation<\/strong>:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Haur\u00e0s d\u2019afegir un script personalitzat o fer servir un connector DNS (ex: Cloudflare, Namecheap\u2026) per renovar-ho autom\u00e0ticament.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Resum visual<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>Extern                        Router                  NAS1 (Reverse Proxy)             NAS2\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500              \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500           \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500          \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nhttps:&#47;&#47;nas1.elmeunom.cat\n         \u2193\n&#91;Port 443 obert \u2192 NAS1]\n         \u2193\n&#91;Reverse Proxy detecta \"nas1.elmeunom.cat\"]\n         \u2193\nReenvia a https:\/\/192.168.1.41 amb certificat v\u00e0lid<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>Extern                        Router                  NAS1 (Reverse Proxy)             NAS2\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500            \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500           \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500          \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nhttps:&#47;&#47;nas2.elmeunom.cat\n         \u2193\n&#91;Port 443 obert \u2192 NAS1]\n         \u2193\n&#91;Reverse Proxy detecta \"nas2.elmeunom.cat\"]\n         \u2193\nReenvia a https:\/\/192.168.1.49 amb certificat v\u00e0lid<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Avantatges d\u2019aquesta configuraci\u00f3<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Acc\u00e8s <strong>HTTPS segur<\/strong> als dos NAS<\/li>\n\n\n\n<li>Sense necessitat de ports extra (ex: 8080, 8443)<\/li>\n\n\n\n<li>URLs netes: <code>nas1.elmeunom.cat<\/code>, <code>nas2.elmeunom.cat<\/code><\/li>\n\n\n\n<li>Certificats <strong>gratu\u00efts i autom\u00e0tics<\/strong><\/li>\n\n\n\n<li>Escalable: pots afegir m\u00e9s servidors en el futur<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Preguntes freq\u00fcents<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Q: Necessito tenir dos certificats?<\/h3>\n\n\n\n<p>R: No, pots demanar un sol certificat amb m\u00faltiples noms (<code>SAN Certificate<\/code>) si el suporta el teu prove\u00efdor DNS.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Q: Funciona amb Docker o altres apps?<\/h3>\n\n\n\n<p>R: S\u00ed! Aquest m\u00e8tode tamb\u00e9 serveix per protegir serveis com Nextcloud, Jellyfin, Portainer, etc.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">? Vols que et prepari un fitxer <code>.conf<\/code> de configuraci\u00f3 o una guia pas a pas per un cas concret?<\/h2>\n\n\n\n<p>Nom\u00e9s cal que em diguis:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Quin \u00e9s el teu domini?<\/li>\n\n\n\n<li>Tens compte a algun prove\u00efdor DNS (ex: Namecheap, Cloudflare, GoDaddy)?<\/li>\n\n\n\n<li>Quin model de Synology tens exactament?<\/li>\n<\/ul>\n\n\n\n<p>I t\u2019ajudo a fer-ho pas a pas! ?<\/p>\n","protected":false},"excerpt":{"rendered":"<p>? Problema: 1. LAN (Local Area Network) 2. WAN (Wide Area Network) 3. Port Forwarding \/ Virtual Server Exemple: ?\ufe0f DETALL DE LA TEVA CONFIGURACI\u00d3 AL ROUTER Camp Valor Explicaci\u00f3 Name NAS2_HTTP Nom identificatiu de la regla Protocol TCP HTTP &hellip; <a href=\"https:\/\/www.beseit.net\/?p=16273\">Continua llegint <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":3170,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[127],"tags":[],"class_list":["post-16273","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-servidors"],"_links":{"self":[{"href":"https:\/\/www.beseit.net\/index.php?rest_route=\/wp\/v2\/posts\/16273","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.beseit.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.beseit.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.beseit.net\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.beseit.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16273"}],"version-history":[{"count":3,"href":"https:\/\/www.beseit.net\/index.php?rest_route=\/wp\/v2\/posts\/16273\/revisions"}],"predecessor-version":[{"id":16709,"href":"https:\/\/www.beseit.net\/index.php?rest_route=\/wp\/v2\/posts\/16273\/revisions\/16709"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.beseit.net\/index.php?rest_route=\/wp\/v2\/media\/3170"}],"wp:attachment":[{"href":"https:\/\/www.beseit.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16273"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.beseit.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16273"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.beseit.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16273"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}