Archive for April 27th, 2012
Initially I had some trouble getting this to work, but figured this out and figured I would pass it on.
This guide assumes you are attempting to set up a VPN tunnel to your Synology NAS over WAN using OpenVPN. While a PPTP VPN connection is much easier to set up and doesn’t require third-party software, OpenVPN has been shown to be signifigantly more secure.
For this, I’m using Windows 7 64-bit. While file locations will likely differ on other OSes, the overall configuration is likely smiliar.
Log in to your Synology NAS using the admin account and install the OpenVPN server from within Package Center.
Once installed, start VPN Server and enable OpenVPN under OpenVPN Server > Settings > OpenVPN.
The following pop-up message will appear instructing you to make sure UDP port 1194 is open:
If your NAS is behind a router, make sure you have port forwarding set up to forward UDP port 1194 to your NAS.
If you are using the Synology Router Config tool, you can set the port forwarding from Control Panel > Router Configuration > Create. You’ll find the port setting under Built-In Applications as shown below:
If you’re setting up port forwarding in your router, then the Synology Router Configuration tool isn’t needed. Use one or the other, whichever you prefer.
Download and install the OpenVPN application for your OS from OpenVPN community downloads. Install using the defaults.
Getting the configuration from the Synology OpenVPN server
Before the client software can be configured, a few files (specifically the OpenVPN configuration files and the certificate) need to be downloaded from the Synology NAS. from the NAS, go to OpenVPN Server > OpenVPN and click on Export Configuration. This will download a zip file containing the two needed files plus a third README file. You can either refer to the README for instructions or simply continue reading.
Configure the OpenVPN client software
Open windows explorer and navigate to “C:Program Files (x86)OpenVPNconfig”. Copy the openvpn.opvn and ca.crt files from the openvpn.zip file you downloaded earlier to this directory.
Right-click on openvpn.ovpn and open it with notepad (or your favorite text editor) and make the edits explained below:
Change the line starting with remote to specify your or your server’s IP address or hostname. For example, if your OpenVPN server is at ovpn.example.com, change it as follows:
remote ovpn.example.com 1194
If your host’s IP address frequently changes, uncomment the float option, by changing
Or, you can specify an IP address, like so:
remote 192.0.2.0 1194
Also, if you want to redirect ALL traffic across the OpenVPN connection (strongly recommended), uncomment the redirect-gateway option by changing
Connecting to the OpenVPN Server
Right-click the OpenVPN GUI desktop icon and select “Run as administrator”. (You can edit the shortcut to always start with administrative privileges by right-clicking on it, selecting Properties, then Compatibility, then checking Run this program as an administrator.)
The OpenVPN GUI icon will appear in your taskbar, and it will appear red. Right-click on it and select Connect. You will be prompted for your username and password (as used on your Synology NAS) to connect.
If you’re having trouble authenticating make the account you are trying to connect as has access to the VPN server. Look in VPN Server > Privilege to verify account access.
That’s it! You should have a working OpenVPN tunnel connection working after following these steps. If you have any suggestions, comments, or feedback, or just want to share your thoughts, please do it in the comments section below. Thanks!