Do Synology users always run the Duplicati UI remotely? Although your symptoms sound different, security is tighter than it used to be, to prevent a class of exploits, and this has required some changes of remote users.
Duplicati upgrade - “The host header sent by the client is not allowed”
If Synology Package Manager is still on the script I linked to in the “Can’t connect” article, it lacks the options you supplied manually, in addition to the new --webservice-allowed-hostnames=* that might be needed.
It would be useful to know if there’s a TCP-level issue, e.g. by using telnet or a new browser tab to the port. Those will avoid our having to guess at exactly what the Duplicati browser code means when it gives an error.
Is that saying it comes and goes within a Duplicati run, or Duplicati starts only sometimes, or something else?