Posts Tagged Synology

Controlling the front LEDs of a Synology NAS via ttyS1

You can control the front LEDs (as well as triggering other hardware events) on a Synology NAS by sending certain values to /dev/ttyS1, either from a script of from the CLI via Telnet or SSH.

These commands “force” the LED state, and therefore the LEDs can’t be used as status indicators after being forced. You can, however, simply reboot the NAS to restore normal operation; the settings do not survive a reboot.

Below are a list of commands that can be run from the command line (if you are logged in as root) or incorportated into a script. Note that the # character and everything after it are comments, and some characters require escaping.

These are only the commands I could get to work on my NAS.

echo 1>/dev/ttyS1 # Immediate power off (not graceful)
echo 4>/dev/ttyS1 # Power LED on solid
echo 5>/dev/ttyS1 # Power LED flash
echo 6>/dev/ttyS1 # Power LED off
echo 7>/dev/ttyS1 # Status LED off
echo 8>/dev/ttyS1 # Status LED on solid green
echo A>/dev/ttyS1 # USBCopy LED flash
echo @>/dev/ttyS1 # USBCopy LED on solid
echo B>/dev/ttyS1 # USBCopy LED off
echo C>/dev/ttyS1 # Immediate reset (not graceful)
echo :>/dev/ttyS1 # Status LED on solid amber
echo ;>/dev/ttyS1 # Status LED flashing amber

If you know if any other values to send to ttyS1, or anything else you’d like to share regarding this, please feel free to do so in the comments below. Thank you!

, , ,

Leave a comment

PPTP VPN Connection to Synology NAS on Windows 7

I previously wrote a post about connection to a Synology NAS VPN server using OpenVPN. Although OpenVPN is more secure, it does involve installing software and can be a bit tricky to set up.

The Synology NAS VPN server also has support for PPTP VPN connections, which Windows 7 (as well as other operating systems) have built-in support for, without the need to install software. It’s much easier to set up and get going.

Here’s how to do it:

Assuming that you already have the VPN Server package installed and running, go to VPN Server and make sure your PPTP VPN is enabled.

Also go to Privilege and make sure your user has permission to connect.

Lastly, make sure TCP port 1723 is forwarded to your NAS.

Setting up Windows 7

Click Start > Control Panel > Network and Sharing Center (view by large or small icons) and click Set up a new connection or network.

net_setup_new

Click Connect to a workplace.

net_connect_workplace

If you are prompted, click “No, create a new connection”

net_new_connection

Select “Use My Internet Connection (VPN)

net_use_vpn

In the next screen, enter the IP address or hostname of your Synology NAS.

net_enter_address

In the next screen, you can enter your username and password and click Connect.

Your PPTP connection is now set up. You can access it from your network connections menu.

Deciding whether to route all traffic through the VPN connection

By default, the PPTP link will route all traffic. This is good if you’re using your VPN session as a routing point to encrypt all your traffic. However, if you decide you do not want all traffic routed through the VPN, but only non-public Internet traffic, change your settings as follows (Windows 7):

Click Start > Control Panel > Network and Sharing Center > Change Adapter Settings

Right-Click on your PPTP configuration and click Properties.

Click the Networking tab.

pptp_properties

For both IPv6 and IPv4, do the following:

Click Properties.

Under the General tab, click Advanced.

adv_tcp_ip_settings

To route all traffic through the VPN link, check the Use default gateway on remote network.

To route only non-public Internet traffic, uncheck the box.

Questions or comments, please leave a comment below. Thank you!

, , , ,

Leave a comment

How to manually change the Symform contribution port on a Synology NAS

Symform is a cloud-based backup solution which allows you to have 10 GB of backup space free, and get additional free space, as well as support, by contributing space.

In order to contribute, you need to have a port forwarded to your Synology device. However, in my experience, I wasn’t able to choose the port (as it’s chosen randomly during installation). If the port number that the Symform service chooses is already taken, or you prefer to assign another port number, here’s how to do it.

To do this, you will already need to know how to set up port forwarding on your router, and install and set up the Symform service on your Synology NAS, as well as be familiar with how to SSH into your Synology NAS. This only shows you how to manually edit the contribution port number chosen by the Symform service.

Make sure the Symform service is stopped

Do this by logging into your Synology on the admin port (usually 5000 or 5001) and going to Package Center. Under Installed, you can stop the Symform service by clicking the stop button. Once the service is stopped (as shown below), you can continue.

symform_stopped

SSH into your Synology NAS

If you haven’t already, turn on the SSH (or telnet) service by going to Control Panel > Terminal, and enabling the desired service. Next, SSH (or telnet) into your Synology NAS box. Once logged in, go to the Symform configuration directory by typing:

cd /volume1/@symform/lib

Next, open node.config with the vi editor:

vi node.config

Locate a line starting with <contribution enabled="True" fragmentStorePath= and scroll to the right of that line, and you will see port="43100" (or another port number). If you’re not familiar with the vi editor, carefully follow the following commands to edit the file in-place:

  • Press the a key to enter append (editor) mode
  • Cursor to the value and use the keyboard to edit it
  • Press the ESC key to exit editing mode
  • Type :w followed by enter to save the file
  • Type :q followed by enter to quit the editor

Now go back to Package Center and start the Symform service.

You will be able to see the updated port number in your Symform control panel.

If you have any questions, comments, or thoughts to share, please do so in the comments below. Thank you!

, , , , ,

Leave a comment

StartSSL SSL Certificate on Synology NAS using subdomain

This will explain how to generate and install SSL certificates on your Synology NAS to get rid of the pesky SSL certificate errors. I’ll be explaining specifically how to generate and install from StartSSL, who gives out free SSL certificates.

First, you will need to own or control a domain name, and have a subdomain set up and CNAME pointed to your Synology NAS’s IP address. You can find a walkthrough on how to set that up by reading this article. If you are having trouble with certificate domain mismatches, make sure you have read this article first: Synology DiskStation on a subdomain with dynamic IP address.

Once that’s set up, head over to StartSSL and follow the steps outlined below to validate a domain name and generate an SSL certificate.

Validate a domain name

Select the Validations Wizard and choose type Domain Name Validation

select_domain_validation

Enter the domain name you wish to validate, and continue. You are validating only the base domain name.

domain-name-validation

Select an email address to which the validation code will be mailed to, and then continue.

select-verification-email

Enter the validation code you received via email, and continue.

complete-validation-code

Generating your SSL certificate

After verifying your domain ownership, you can now generate the SSL certificate.

Select Certificates Wizard and choose Web Server SSL/TLS certificate, as in the image below.

web-server-ssl-cert

Generate a private key by inputting a password of at least 10 characters, choosing your key length, and selecting SHA1.

On the next screen, you will be given your generated, encrypted, private key with instructions to save it to a file called ssl.key, and what to do with it. For now, just create a new text file on your desktop, call it “encrypted_ssl_key” (or whatever), and hang on to it for later. I’ll explain what to do with it in a few more steps.

save-private-key

Next, you’ll be prompted to add a verified domain to your SSL cert. Choose the previously validated base domain.

add-domains

Next, you’ll be prompted to enter a subdomain to add to the certificate. This is where you enter your NAS’s subdomain. For example, if your root domain is example.com, and your NAS is accessible via myds.example.com, enter myds.

The ready processing certificate screen will show next, and should include both your base domain name and the subdomain, like this following image.

ready-processing

The following screen will appear, and prompt you to save the certificate, as well as the intermediate certificates, which you will need for the Synology NAS. Save the certificate in a file called ssl.crt as instructed. Hold on to both it, and the two downloaded intermediate certificates for the following steps.

save-cert

Decrypt the private key

One more step before we install the certs onto the NAS box. Head over to the StartSSL toolbox and click on Decrypt Private Key.

decrypt-private-key

In the top box, paste the saved encrypted private key that you generated and named “encrypted_ssl_key” (or whatever). In the Passphrase box, enter the 10-character-or-so password that you set on it, and click decrypt. Save the decrypted key to a file called ssl.key.

Installing the SSL certs

Now we’re ready to install the SSL certs onto the Synology NAS. Log in as admin and head to Control Panel > Web Services. Click the HTTP Service tab and click Import Certificate.

For each of the following select the corresponding files

Private Key: Your decrypted ssl.key file

Certificate: Your ssl.crt file

Intermediate certificate: The sub.class1.server.ca.pem intermediate certificate you downloaded.

(If you forgot to download the intermediate certificates, you can get them again by following this link.)

Click ok, and you should see Restarting Web Server, like so

syno-import-cert

Assuming all went well, you should be able to go to the subdomain and see a good SSL certificate lock icon, like so in Chrome

identity-verified

Questions, comments, or otherwise, please feel free to share them in the comments below. Thank you!

, , , ,

Leave a comment

Using Synology DS211j as an AirPrint Print Server for Brother HL-2170W

I have a Brother HL-2170W printer that I’m using as a wireless printer. One thing I wanted to do was use AirPrint from my iPhone to print if the need should arise, as it does from time to time. My Synology DS211j includes a USB print server with Bonjour and AirPrint support, so I knew I could plug my printer into it via USB and use it as a print server, but there was the issue of the already-configured wireless clients.

I wondered: Since I’m already using my printer wirelessly, can I just plug the printer into the NAS using the USB port and use both USB and wireless? The answer to that is actually yes, according to this post at UbuntuForums. You can use USB and either wired or wireless at the same time, but you cannot use both wired at wireless at the same time.

Now that I had that important issue aside, it was time for setting it up.

First, physically plug the USB cable from the printer to the NAS. You should be able to verify that the printer shows up in Control Panel > External Devices as shown here:

Once that’s done, click the printer to select it, then click USB Printer Manager > Set Up Printer:

Since the DS211j didn’t have a specific print driver listed for this model, I took the known-working driver configuration from my “Ubuntu and Brother HL-2170W” post, and set it up as shown below:

  • Mode: Network Printer
  • Advanced Settings: Enable AirPrint
  • Printer Brand: Generic
  • Printer Model: Generic PCL 5e Printer

After that, I hit Save and then Close, and I was able to print a test page successfully by clicking on the printer and then clicking USB Printer Manager > Print Test Page. One thing to be aware of is that the DS211j is a bit lacking in RAM, so print jobs can take a bit (up to 5 minutes) from the time they’re sent to the server until they come out of the printer.

, , , , , , ,

Leave a comment

OpenVPN Connection to Synology NAS on Windows 7

Initially I had some trouble getting this to work, but figured this out and figured I would pass it on.

This guide assumes you are attempting to set up a VPN tunnel to your Synology NAS over WAN using OpenVPN. While a PPTP VPN connection is much easier to set up and doesn’t require third-party software, OpenVPN has been shown to be signifigantly more secure.

For this, I’m using Windows 7 64-bit. While file locations will likely differ on other OSes, the overall configuration is likely smiliar.

Base configuration

Log in to your Synology NAS using the admin account and install the OpenVPN server from within Package Center.

Once installed, start VPN Server and enable OpenVPN under OpenVPN Server > Settings > OpenVPN.

The following pop-up message will appear instructing you to make sure UDP port 1194 is open:

If your NAS is behind a router, make sure you have port forwarding set up to forward UDP port 1194 to your NAS.

If you are using the Synology Router Config tool, you can set the port forwarding from Control Panel > Router Configuration > Create. You’ll find the port setting under Built-In Applications as shown below:

If you’re setting up port forwarding in your router, then the Synology Router Configuration tool isn’t needed. Use one or the other, whichever you prefer.

Install OpenVPN

Download and install the OpenVPN application for your OS from OpenVPN community downloads. Install using the defaults.

Getting the configuration from the Synology OpenVPN server

Before the client software can be configured, a few files (specifically the OpenVPN configuration files and the certificate) need to be downloaded from the Synology NAS. from the NAS, go to OpenVPN Server > OpenVPN and click on Export Configuration. This will download a zip file containing the two needed files plus a third README file. You can either refer to the README for instructions or simply continue reading.

Configure the OpenVPN client software

Open windows explorer and navigate to “C:Program Files (x86)OpenVPNconfig”. Copy the openvpn.opvn and ca.crt files from the openvpn.zip file you downloaded earlier to this directory.

Right-click on openvpn.ovpn and open it with notepad (or your favorite text editor) and make the edits explained below:

Change the line starting with remote to specify your or your server’s IP address or hostname. For example, if your OpenVPN server is at ovpn.example.com, change it as follows:

remote ovpn.example.com 1194

If your host’s IP address frequently changes, uncomment the float option, by changing

#float

to

float

Or, you can specify an IP address, like so:

remote 192.0.2.0 1194

Also, if you want to redirect ALL traffic across the OpenVPN connection (strongly recommended), uncomment the redirect-gateway option by changing

#redirect-gateway

to

redirect-gateway

Connecting to the OpenVPN Server

Right-click the OpenVPN GUI desktop icon and select “Run as administrator”. (You can edit the shortcut to always start with administrative privileges by right-clicking on it, selecting Properties, then Compatibility, then checking Run this program as an administrator.)

The OpenVPN GUI icon will appear in your taskbar, and it will appear red. Right-click on it and select Connect. You will be prompted for your username and password (as used on your Synology NAS) to connect.

If you’re having trouble authenticating make the account you are trying to connect as has access to the VPN server. Look in VPN Server > Privilege to verify account access.

That’s it! You should have a working OpenVPN tunnel connection working after following these steps. If you have any suggestions, comments, or feedback, or just want to share your thoughts, please do it in the comments section below. Thanks!

, , ,

Leave a comment

CrashPlan backup to Samba share on Linux

For about a week now I’ve been wrestling with implementing a system where CrashPlan would backup to my network drive. I ran into a really bit problem: When you mount a network location in Gnome using the GUI (gvfs), root can’t access it. Since the CrashPlan engine runs at root, it makes the network location unusable as a backup destination.

After a while of working on different ways to solve this rather large hurdle, I came up with the idea of simply mounting the network location using smbmount (mount.cifs). After some testing and tweaking, I was able to get it successfully working and added an entry to fstab to have it mount at boot time. I chose /mnt/mynas as the mount point.

See Synology DiskStation and Samba mount permissions for my method of getting it mounted with the correct file permissions.

Once it was set to mount at boot-time, I can now open the CrashPlan client and set /mnt/mynas as a destination folder, and now I have both local and off-site backups!

Feel free to share your thoughts and/or feedback in the comments below!

, , , , ,

Leave a comment

Synology DiskStation and Samba mount permissions

So today I was using smbmount to mount a network share from my Synology DiskStation to my Linux PC when I noticed a rather annoying file permissions issue that I couldn’t seem to fix. Why am I using smbmount and not Gnome’s GUI to mount? Because I need root to have access to the file system as well so that CrashPlan can back up to it.

Here’s what happened:

First, I mounted the share (as root):

smbmount //diskstation/mike /mnt/mynas -o credentials=/home/mike/mike.cred,uid=mike,gid=mike

(For more information on the smbmount or the mount.cifs credentials file, see the Ubuntu manpage for mount.cifs)

That worked great, except for when I do this (as root)…

ls -ld /mnt/mynas

… I get the following output:

drwxrwxrwx 17 mike mike 0 2011-05-20 09:25 mynas

I sure didn’t want the directory world-writable. So I tried specifying file_mode and dir_mode as both 0755 using the following (as root):

smbmount //diskstation/mike /mnt/mynas -o credentials=/home/mike/mike.cred,uid=mike,gid=mike,file_mode=0755,dir_mode=0755

Then I checked it:

ls -ld /mnt/mynas

… and got:

drwxrwxrwx 17 mike mike 0 2011-05-20 09:25 mynas

That didn’t do anything at all to help. Why? Because as it turns out the DiskStation is using a Samba server with CIFS extensions and is passing the permissions to smbmount (mount.cifs). The file_mode and dir_mode options are ignored if the remote server is using CIFS extensions.

file_mode=arg

If the server does not support the CIFS Unix extensions this overrides the default file mode.

dir_mode=arg

If the server does not support the CIFS Unix extensions this overrides the default mode for directories.

Source: Ubuntu manpages.

So there’s a couple of options here. First, I could set it to mount somewhere inside /home/mike, which would generally protect it. But I’d really like to know what’s up with the file permissions. So I did a little more Google-fu.

As it turns out, the CIFS extensions on the DiskStation can be disabled, all it takes is to edit a file. Lepoulpe posted on the Synology forums the following edit:

you can disable “unix extensions” in the ds106’s samba server. To achieve this, you need to add the folowing line in the [global] section of /usr/syno/etc/smb.conf :

unix extensions=no

So, I SSH’d into my DiskStation as root (should be the same password as ‘admin’ if you’re having trouble) and used the vi editor to make the edit. Afterwards, I restarted samba on the DiskStation by doing this:

/usr/syno/etc/rc.d/S80samba.sh restart

Then I remounted the Samba share as root…

smbmount //diskstation/mike /mnt/mynas -o credentials=/home/mike/mike.cred,uid=mike,gid=mike,file_mode=0750,dir_mode=0750

… and checked the permissions:

ls -ld /mnt/mynas

… and got the following output:

drwxr-x--- 17 mike mike 0 2011-05-20 09:25 mynas

Exactly right.

So now I have /mnt/mynas mounted to my share on the DiskStation. If I wanted it to mount on boot, I could add something like the following to /etc/fstab:

//diskstation/mike /mnt/mynas smbfs auto,credentials=/home/mike/mike.cred,uid=mike,gid=mike,dir_mode=0750,file_mode=0750,user 0 0

Questions about my method? Have any feedback or alternate methods to share? Please feel free to do so in the comments below. Thank you!

, , , , , , ,

Leave a comment

Synology DiskStation on a subdomain with dynamic IP address

If you have a Synology DiskStation and already have a hostname (for your website, blog, or other) you can set up your DiskStation on a dedicated subdomain easily — even if you have a dedicated IP address.

First, determine what subdomain you’re going to assign to your device, based on the domain name you already have. For example, you might own example.com and want ds.example.com to point to your DiskStation. That’s perfectly fine — it’s your choice.

Next, get yourself a free dynamic IP hostname at a service like DynDNS. They provide Dynamic DNS hosts for free, and it only takes a few minutes to sign up. It doesn’t matter what domain you pick, but you only get one. For the purpose of this guide, I’ll say that I signed up for example.dyndns.orgIf you are using the Synology Dynamic DNS service, you have this already. Continue.

Once you’re signed up and activated your domain, you need to set up automatic updating. You can do this through the DiskStation itself under Control Panel > DDNS, or with a router that supports Dynamic IP updating (most routers).

ds_ddns2

Now your client will keep your hostname up to date automatically, even if your IP address changes.

The next step is to assign your new DynDNS hostname to a DNS CNAME record. You want to add a CNAME record for ds.example.com that points to example.dyndns.org. Specific instructions will vary by your DNS registrar, so consult them if you’re not sure exactly how to add the record. Keep in mind it may take up to 24+ hours for the DNS record to propagate, so if it doesn’t work right away, try again later.

Once the DNS zone has propagated, you should be able to access your DiskStation at your new hostname ds.example.com, and the DynDNS client will keep your hostname updated.

If you want to create an SSL cert for HTTPS access, create it for ds.example.com using the instructions found here: https://mikebeach.org/2012/11/13/startssl-ssl-certificate-on-synology-nas-using-subdomain

Questions, comments, and feedback about this are welcome.

,

Leave a comment

Synology DS211j drive led light bleed fix

Recently I bought a Synology DS211j NAS for storage. A pair of 2TB hard drives in RAID-1 make for roomy storage, and this NAS is rich on features for it’s price, and it only supports up to 2TB drives.

I ordered the NAS with 1 drive initially, then got the 2nd one shortly after. One minor thing I noticed fairly quickly is how the light from the drive 1 led would bleed into the drive 2 indicator.  It made it look like the light was on when in fact it was off.

 

The 4th LED is the drive 2 light. There's no drive 2 installed.

The 4th LED is the drive 2 light. There’s no drive 2 installed.

Despite it’s compact case (or maybe because of it) the DS211j is very easy to work on.

The case cover slides off for easy installation of the drives. Here you can see the NAS with the cover removed and one drive installed. The top drive slot is drive 1, the bottom is drive 2.

Single 2TB drive installed

Single 2TB drive installed

I had to see how the LED light output was being delivered to the front of the case, for this, I removed the front bezel from the case cover. It removes very easily using a #2 Philips screwdriver.

IMG_2018

Next I placed the front bezel on the bottom to see where everything lined up. It was quickly evident where the light “leak” was occurring — the plastic divider that Synology was using between the LEDs simply wasn’t present between the drive 1 and drive 2 light channels.

IMG_2009

After some thought I came up with a solution: Isolating the light channels using electrical tape.

I carefully put the electrical tape on the light channels and carefully cut to fit. The result:

IMG_2013

I test fit the light guides over the LEDs.

IMG_2014

And that’s it! After reassembly, the drive 2 LED was nicely blacked out. I did install my 2nd drive today and it looks great. I can now easily notice the drive LEDs blinking independently of each other.

Leave a comment