Nginx Reverse Proxy auf Synology + Omada blocking – suddenly no function
Hello everyone,
I’ve been successfully running an Nginx reverse proxy on my Synology NAS (DSM) for quite some time. Everything was stable until last Saturday. Since then, external access has stopped working – without me knowingly changing anything.
Observation
On the same day, the system detected a ping attack.
Since that moment, the reverse proxy has stopped working.
Checked / tested so far
Network & Ports
-
Port forwarding in the router is set up correctly (had been working fine for months).
-
External ports → internal ports on the NAS verified.
-
IP addresses are assigned statically.
-
ISP is not blocking any ports.
Proxy / Synology
-
Nginx reverse proxy on the Synology is running without error messages.
-
Tested by setting up Nginx on another system → same issue.
Omada Controller / Network
-
Suspicion now lies with Omada, since the issue persists even with a fresh proxy installation.
-
Firewall rules, ACLs, and blocklists checked → nothing found.
-
Logs (Omada + NAS) provide no clear clues.
Symptoms
-
Reverse proxy is not reachable from outside.
-
Works fine internally (LAN).
-
No entries in blocklists or logs that suggest a block.
Question to the community
-
Can Omada (Controller or Gateway) permanently block ports or IPs after detecting an attack, even if nothing shows up in the ACLs?
-
Are there hidden settings or logs in Omada that I might have missed?
-
Where would you start to systematically narrow down the issue?
I’m pretty much at a loss at this point and would really appreciate any tips or experiences.
Thanks!
Florian
@Ethan-TP Hello, i am sorry i misunderstood.
Here the Gateway.
I did NO Changes in the time where this problem occurred. (just forwarded now the original ports 80/443 because I installed Nginx on a VM with different IP address to have a fast workaround). But I still need access to this NAS IP.
Because when I want to access the NAS IP 192.168.10.3 IP, onto the 2 installed Docker instances with 2 different Ports i get this problem that i cant access.
On Synology NAS Firewall is deactivated and needed Ports are open. So I cant help myself assuming it must be something on the Router side.
Please first disable “Block Ping from WAN” in the location shown, then reboot the router.
Additionally, temporarily place the NAS in the DMZ and see if the issue persists.
If you have another router in front, also test whether the upstream router or your ISP is blocking the port.
While you’re on the external network, try using telnet with your public IP and port number to check whether packets reach the router.
If the connection succeeds but you get an RST or a timeout, the problem is likely with the NAS or the reverse proxy.
