While setting up a Synology as a file server for a client, I wanted to have them be able to access their share through a mapped drive in windows, whether in the network or outside. Ran into some stumbling blocks and couldn’t find full answers so I’m posting my own (referencing already awesome documentation where available).
1. The client does not have a static IP and the Syno is the only internal device that needs to be accessed internally, so I did not feel the purchase of a static IP to be necessary. Synology allows you to sign up for a free DDNS address through them. I registered clientname.synology.me through the DDNS feature of the Synology control panel. See Synology’s Documentation here. Once that was up and running, I created a CNAME DNS record for files.clientdomain.com to resolve to clientname.synology.me.
2. I enabled WebDav on the Synology, as described here. NOTE: The users also need to have WebDav permissions to the share they are connecting to.
3. I created firewall rules for external traffic hitting ports 5001 and 5006 to redirect to the Internal Synology IP address.
4. I purchased a SSL certificate from godaddy for files.clientdomain.com, using this article as a guide to install it. Note about this article: I was not able to use some of the directories referenced, specifically /volume1/generic/certificate, so I used a shared folder that was already there. EDIT 03/09/15: Synology has made installing an SSL so much simpler! See this link. If the intermediate certificate errors, you can get the correct one from your provider, in the case of godady it is here.
NOTE: At this point, you can use DSFILE app for iPhone and Android without any further configuration.
5. Most of the documentation will tell you you need a third party application to use webdav to map a drive in Windows. See this for example. EXCEPT if you have an SSL cert. But almost none of the documentation tells you what to do if you have an SSL cert. After some trial and error I found you have to enter https://files.clientdomain.com:5006/sharename, in the map network drive folder box.
EXTRA CREDIT: if you want the same drive to work internally and externally: local DNS must be setup with a forward lookup zone for the domain, with files.clientdomain.com pointing to the internal address of the synology. If this isn’t an option, you can have one drive mapped to the internal address, and one mapped to the external.
Synology now has me totally sold! This is the fifth one I have installed at client locations and I’m ready to order the DS414 starting with two 4TB drives for my home!
thegiamarie 
Hi there,
Thanks for the nice writeup.
I just purchased a Synology nas, and I’m having some trouble with permissions.
I shared a folder between two users. U1 and U2. both have R/W permissions in the folder.
But, when U1 creates a file or folder in the shared folder, U2 cannot access it. Same goes if U2 creates the file.
I’ve even tried setting the stickybit, but it’s still happening.
Thanks for any help or ideas you could provide.
Sure I could provide some guidance.
I’ve been unable to replicate the issue on my side. but maybe a few questions.
What version of DSM are you running?
Can the user even see the new file or folder that is created?
Are you using the basic permission on the share or advanced?
If you right click on the folder, can you access the properties -> permission -> advanced options -> permission inspector? If so, can you check test each users access to the folder through there?
Let me know!
Very informative! So is there a way to obtain an SSL certificate to use with the DDNS if you don’t own a domain?
I don’t believe there is a way to do that. In order to use an SSL you have to verify that you own the root domain, and with a DDNS you don’t own the root domain and wouldn’t be able to verify it.
Some good information here. There is also another way to use the webdav feature without mapping a drive. Simply enter \\name.domain.com@ssl@5006\wwwdavroot from Windows explorer (not Internet explorer). This will open a useable folder that you can use just like any other Windows folder. I use it all the time.
Thanks for both the kudos and the new info!
Hi there,
How do you set up a “local DNS with a forward lookup zone for the domain” in Windows 7?
Thanks!
Hi!
Unfortunately the way that I have set it up is for a domain environment, where you have the domain controller serving DNS for the domain.
There is a DNS package for the Synology that you could install. If you install it and configure it to serve DNS for the domain you are using to connect to the synology you can then point your win7 machine to use that for DNS when you are in the local network to resolve it when local.
Thanks!