Redirect to Synology NAS, traefik outside NAS


I've had problems trying to setup redirection and certificate generation for a Synology NAS.

Traefik's docker container is hosted on another machine. It communicates well with the NAS.

I'm using traefikv2.9.6.
I have a subdomain wildcard certificate managed by traefik like so : *
I created the following file for the NAS :

    entryPoints = ["web-secure"]
    rule = "Host(`nas.srv.xxxxxx`)"
    service = "nas"
    certResolver = "certificato"
    passHostHeader = true
        url = ""

The rule is received, the configuration applied by traefik. It creates the certificate.
Loadbalancing is where the problem occurs, I get Internal Server Error.

The loadbalancing address works if I put it simply in the browser.

In the Synology DSM, I have :

  • configured the public domain name (Control Panel > Login Portal > Domain).
  • configured the hostname (Control Panel > External Access > Advanced > Hostname or static IP)
  • put the same certificate used by traefik, defined it as default for all system applications.
  • added a firewall rule on the NAS that allows all traffic between traefik host and NAS.

I wonder if some features are messing up everything. Please enlighten me, should I disable something like HTTP CSP Header ? HTTP /2 ?

Sorry if I'm asking this in the wrong place. I'd be super grateful for any help. Thank you.

Enable Traefik debug log and access log to see what's happening.

Be aware that copying the loadbalancer URL to your browser is not the same as the Traefik request, as that includes the hostname, which your NAS might work with.

Try those commands, adapt them to your environment (source):

curl -H "Host:" http://localhost/
curl --resolve

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.