ciavaldp 0 Posted ... Hi,I followed this tutorial with the correct values inside the address, login and password to avoid problems.Now when I try to connect I get this log : Mon Oct 20 15:26:07 2014 OpenVPN 2.1.4 armle-unknown-linux [SSL] [LZO2] [EPOLL] built on Apr 8 2014 Mon Oct 20 15:26:07 2014 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Mon Oct 20 15:26:07 2014 PLUGIN_INIT: POST /lib/openvpn/openvpn-down-root.so '[/lib/openvpn/openvpn-down-root.so] [/usr/syno/etc.defaults/synovpnclient/scripts/ip-down]' intercepted=PLUGIN_UP|PLUGIN_DOWN Mon Oct 20 15:26:07 2014 Cannot load CA certificate file ca.crt path (null) (SSL_CTX_load_verify_locations): error:02001002:lib(2):func(1):reason(2): error:2006D080:lib(32):func(109):reason(128): error:0B084002:lib(11):func(132):reason(2) Mon Oct 20 15:26:07 2014 Exiting Any idea where this could be coming from ?by the way I entered europe.vpn.airdns.org as the address, also tried to append :53 at the end of this. Quote Share this post Link to post
WBFT 0 Posted ... Hi,I followed this tutorial with the correct values inside the address, login and password to avoid problems.Now when I try to connect I get this log : Mon Oct 20 15:26:07 2014 OpenVPN 2.1.4 armle-unknown-linux [SSL] [LZO2] [EPOLL] built on Apr 8 2014 Mon Oct 20 15:26:07 2014 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Mon Oct 20 15:26:07 2014 PLUGIN_INIT: POST /lib/openvpn/openvpn-down-root.so '[/lib/openvpn/openvpn-down-root.so] [/usr/syno/etc.defaults/synovpnclient/scripts/ip-down]' intercepted=PLUGIN_UP|PLUGIN_DOWN Mon Oct 20 15:26:07 2014 Cannot load CA certificate file ca.crt path (null) (SSL_CTX_load_verify_locations): error:02001002:lib(2):func(1):reason(2): error:2006D080:lib(32):func(109):reason(128): error:0B084002:lib(11):func(132):reason(2) Mon Oct 20 15:26:07 2014 Exiting Any idea where this could be coming from ?by the way I entered europe.vpn.airdns.org as the address, also tried to append :53 at the end of this. Did you modify te ca.crt location to ca_oXXXXXX.crt in the client file? Replace XXXXXX with what's behind the client name.. Quote Share this post Link to post
chahk 0 Posted ... I have successfully followed this guide to get my DS412+ connected to AirVPN via the "United States" servers. I've set up some port forwards via https://airvpn.org/ports/ to various services running on my DS (Synology web admin, SABnzbd, CouchPotato, Sick Beard, Plex, etc.,) and everything seems to be working. However... Even though the downloads are real fast (1.8 Mbps reported by SABnzbd, compared to 2.1 Mbps without VPN,) the uploads are horribly slow. I'm not sure how to measure it properly, but connecting to my DS' web interface (http://my_ds_alias.airdns.org:forwarded_port/webman/index.cgi) takes up to 5 minutes, as do all the clicks once it finally lets me in. What can I do to troubleshoot this? How do I even properly measure the upload speeds via the DS? Quote Share this post Link to post
Anonymous_13 32 Posted ... I followed the instruction on DSM 5.1 and it didnd't worked. I wished we could get a config generation for synology servers. Quote Share this post Link to post
zhang888 1066 Posted ... I followed the instruction on DSM 5.1 and it didnd't worked. I wished we could get a config generation for synology servers. There is no special config for it.Even between the OS flavors there are very minor changes, I.e. the Windows/Linux/OSX in the config generator.Some routers do not support the "explicit-exit-notify" and "comp-lzo" directives.If you could paste the logs of what exactly did not work (your OpenVPN logs, not Synology), we might look into that.Note that all the issues on this topic have been solved by the users themselves, so there is nothing wrong with the setupor the device, it seems to be supported, and working correctly for others, without any special config. Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post
starkless 0 Posted ... Synology is now running DSM 5.2-5592. The "best answer" above is for DSM 4.2-3202. Before I start down the road of trying to figure it out is the "best answer" above still 100% applicable? Is there a set up guide somewhere for DSM 5.2-5592? Quote Share this post Link to post
bertybassett 0 Posted ... remote some.server.address.here 443 Never worked for me, I had to use the IP address for some strange reason. You can ask to resolve the names to IPs when you build the config on the airvpn website. use anything for the IP, user and password as they will be changed/removed manually below Never worked for me. I had to use the exact details for the server (again I used the IP address), exact username/password and port number. Also I used this config along with these "user.crt, key user.key, ta.key" taken from config on the airVPN site. Also can I suggtes using WinSCP to make the changes and copy the additonal keys to the NAS for those less comfitable with using SSH or telnet. Please note to use WinSCP you will still need to turn on Telnet/SSH in control panel of NAS. client dev tun proto udp remote IP ADDRESS FROM CONFIG 443 resolv-retry infinite nobind persist-key persist-tun remote-cert-tls server cipher AES-256-CBC comp-lzo no verb 3 explicit-exit-notify 5 ca ca_XXXXXX.crt cert user.crt key user.key tls-auth ta.key 1 script-security 2 redirect-gateway float reneg-sec 0 plugin /lib/openvpn/openvpn-down-root.so /usr/syno/etc.defaults/synovpnclient/scripts/ip-down auth-user-pass /tmp/ovpn_client_up Quote Share this post Link to post
bertybassett 0 Posted ... Synology is now running DSM 5.2-5592. The "best answer" above is for DSM 4.2-3202. Before I start down the road of trying to figure it out is the "best answer" above still 100% applicable? Is there a set up guide somewhere for DSM 5.2-5592? DSM 4 and 5 guides would be almost indentical. Quote Share this post Link to post
neolefort 1 Posted ... PDF LINK for download with images: https://1fichier.com/?ycqsixfviwWORD LINK if you want to improve this method: https://1fichier.com/?kjmy10cf0s Synology NAS Setup Guide for AIRVPNThis guide was produced using Diskstation Manager (DSM) v5 ;DSM's GUI for connecting to OpenVPN doesn't allow for all of the required parameters to be set. Some manual steps are required to complete configuration of an OpenVPN connection to AIRVPN.It requires accessing and copying files outside of the DSM GUI by connecting to the NAS drive through SSH. STEP 0 – PRELIMINARY STEP OPEN TEMPORARY THE SSH PORT (22).To enable SSH access in DSM. Open DSM, navigate to Control Panel -> Terminal & SNMP. STEP 1 - DOWNLOAD THE CONFIGURATION ZIP FILE FROM AIRVPN GENERATORGo to the https://airvpn.org/generator/ page to generate the configuration file.(1. SELECT LINUX OS) (2. SELECT only 1 SERVER AIRVPN – refer to section by single servers )In this exemple, i will take the FR-MARFIC server.(3. SELECT the Advanced Mode – refer to section connection modes)-select Direct,-protocol UDP,-port 53-Separate keys/certs from .ovpn file (4. ACCEPT THE RULES OF AIRVPN)Tick the two checkboxes :I have read and I accept the Terms of ServiceI HEREBY EXPLICITLY ACCEPT POINTS 8, 10, 11Then click on the GENERATE button. Click on the ZIP button in order to download the AIRVPN configuration files.Unzip the files into a shared folder on your diskstation DSM. In my example, i have created a shared folder on my diskstation /DSM/UPLOAD (Work folder or temp folder) The ZIP archive should contain the following files:- AirVPN_XXXXX_UDP-53.ovpn; XXXXX it is corresponding to your single selected server.-ca.crt-user.crt-user.key STEP 2 – CREATION OF THE VPN PROFILE ON THE DSM SYNOLOGY OS V5To create a VPN profile on the DSM. Open DSM, go to Control Panel -> Network -> Network Interface tab.-Click on Create -> Create VPN profile. - Select OpenVPN radio button and click Next. -In General Settings:Profile Name: AIRVPN_FR_MARFIC (my example, put here the name of your selected server)Adresse Serveur: 195.154.194.18 IP of MARFIC server (you will find the IP of your selected server in the configuration file of AirVPN_XXXXX_UDP-53.ovpn)Login: LOGIN AIRVPN (you use to connect the AIRVPN website)Password: Password AIRVPN (you use to connect the AIRVPN website)Port: 53Protocol: UDPCertificate: Import here the ca.crt fileThen click on the Next button. Define the Advanced settingds (SELECT ALL : EXCEPT the ‘Enable compression on the VPN link’)To finish the creation of the VPN profile, click on Apply button.You'll now have a VPN connection in the Network Interfaces section of your DSM's GUI. Attempting to connect will fail though. It is normal. The DSM configuration file will need to be MODIFIED directly on the NAS drive through SSH port with Putty. STEP 3 – MODIFICATION OF THE VPN PROFILE WITH PUTTY (SSH client) THROUGH SSH PORT TO MAKE IT COMPATIBLE WITH THE AIRVPNConnect directly Putty (SSH client) to your NAS Synology (SSH port is OPENED - refer STEP 0).Open Putty and connect to DSM using the root account. Password will be the same as the 'admin' account password for DSM (you can change this password by logging into DSM using any account that is in the administrator group and going to Control panel -> Users). Execute the following commands, line by line :cdcd ..cd usr/syno/etc/synovpnclient/openvpndir You must see at least this configuration files, in the folder usr/syno/etc/synovpnclient/openvpn XXXXXXXX = 1378254898 in my example. This is the ID of the connection which is automatically attributed.Copy the file client_oXXXXXXXX to a shared folder somewhere on the diskstation with the commande line below. In my exemple, /volume1/DSM/UPLOADcp client_oXXXXXXXX /volume1/DSM/UPLOAD Edit the client_oXXXXXXXX file with a text editor like Notepad or Notepad++ which is located in the shared folder. DO THE MODIFICATIONS FOLLOWINGS in order to merge the VPN profile of DSM and AIRVPN configuration files:At the end of the client_oXXXXXXXX file, add all the lines of the AirVPN_XXXXX_UDP-53.ovpn Then insert # before the lines already present to merge the two configurations So, we only keep 11 lines of AirVPN_XXXXX_UDP-53 in this modified client_oXXXXXXXX file and SAVE the modificated client_oXXXXXXXX file. The modificated client_oXXXXXXXX file will look similar to below :dev tuntls-clientremote SERVERIP PORT of your selected AIRVPN serverpullproto udpup /usr/syno/etc.defaults/synovpnclient/scripts/ovpn-uproute-up /usr/syno/etc.defaults/synovpnclient/scripts/route-upca ca_oXXXXXXXXX.crt ID of your VPN profileredirect-gatewayscript-security 2floatreneg-sec 0explicit-exit-notifyplugin /lib/openvpn/openvpn-down-root.so /usr/syno/etc.defaults/synovpnclient/scripts/ip-downauth-user-pass /tmp/ovpn_client_up# --------------------------------------------------------# Air VPN | https://airvpn.org | Sunday 22nd of November 2015 10:42:53 AM# OpenVPN Client Configuration# AirVPN_FR-Paris_Marfic_UDP-53# -------------------------------------------------------- #client NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINE#dev tun NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINE#proto udp NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINE#remote SERVERIP PORT NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINEresolv-retry infinitenobindpersist-keypersist-tunremote-cert-tls servercipher AES-256-CBCcomp-lzo no#route-delay 5 NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINEverb 3#explicit-exit-notify 5 NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINE#ca "ca.crt" NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINEcert "user.crt"key "user.key"tls-auth "ta.key" 1Now, we will replace the client_oXXXXXXXX file by the modificated client_oXXXXXXXX file into the folder usr/syno/etc/synovpnclient/openvpnNOTE: When copying use 'cp –f' to force overwrite of existing files in the destination. In root mode, -f is not mandatory. Check the last modification date of the client_oXXXXXXXX file with the command dir in the current folder usr/syno/etc/synovpnclient/openvpn For my example, execute the command line :cp /volume1/DSM/UPLOAD/client_oXXXXXXXX /usr/syno/etc/synovpnclient/openvpn Do similar for the other downloaded AIR VPN configuration files :cp /volume1/DSM/UPLOAD/user.crt /usr/syno/etc/synovpnclient/openvpncp /volume1/DSM/UPLOAD/user.key /usr/syno/etc/synovpnclient/openvpncp /volume1/DSM/UPLOAD/ta.key /usr/syno/etc/synovpnclient/openvpn it s DONE. Ready J Your AIR VPN ACCESS is correctly configurated for SYNOLOGY OS v5. NOTES:Please note that if you make any changes to VPN profile using the DSM GUI the changes you made to the configuration file will be overwritten and it will have to be edited again.Any VPN configuration changes made and saved through the Synology VPN control panel will result in the client_oXXXXXXXX file being overwritten and reset to its original state before the manual edits described above, which basically renders the configuration unusable with AirVPN; if this happens the file should be restored from a previously saved backup using a cp (copy) command like the ones above; so when you get the configuration working, create a backup of the client_XXXXXXXX file somewhere safe. STEP 4 – HOW TO ACCESS TO YOUR SYNOLOGY SERVER FROM INTERNET WHEN AIRVPN IS CONNECTED ON YOUR DSM Fowarding ports from Public IP to connect to your DSM Synology server through AIRVPN connected.(https://www.youtube.com/watch?v=pFcDYptkqBA ) You can forward up to 20 ports simultaneously. You can do that on our website, in your account "Client Area". You can't forward ports lower than 2048. You can map a remotely forwarded port to a different local port: this is useful for a variety of cases, for example when your service listens to a port lower than 2048 or when it is already reserved. https://airvpn.org/faq/port_forwarding/ I advice you to open the forwarded ports on your Client area of AIRVPN website: Forwarded port : XXX0Protocol : TCP & UDPLocal port: 5000DDNS: my_ds_aliashttp Forwarded port : XXX1Protocol : TCP & UDPLocal port: 5001DDNS: my_ds_aliashttps Forwarded port : XXX2Protocol : TCP & UDPLocal port: 80DDNS: my_ds_aliaswebsite Forwarded port : XXX3Protocol : TCP & UDPLocal port: 443DDNS: my_ds_aliassecurewebsite Access through HTTP or HTTPS according to your DSM connection configuration:( https://www.synology.com/en-us/knowledgebase/tutorials/611 ) http://my_ds_alias.airdns.org:forwarded_port/webman/index.cgiorhttp://PUBLICIP ofAIRVPNSERVER:forwarded_port/webman/index.cgi https://my_ds_alias.airdns.org:forwarded_port/webman/index.cgiorhttps://PUBLICIP ofAIRVPNSERVER:forwarded_port/webman/index.cgi my_ds_alias= according to the service you want to accessforwarded_port= associated to your service For instance :HTTP ACCESShttp:// my_ds_aliashttp.airdns.org:XXX0/webman/index.cgiorhttp:// PUBLICIPOF AIRVPNSERVER.airdns.org:XXX0/webman/index.cgiFor instance :HTTPS ACCESShttps:// my_ds_aliashttp.airdns.org:XXX1/webman/index.cgiorhttps:// PUBLICIPOF AIRVPNSERVER.airdns.org:XXX1/webman/index.cgi For instance :WEBSITE ACCESShttp:// my_ds_aliaswebsite.airdns.org:XXX2orhttp:// PUBLICIPOF AIRVPNSERVER.airdns.org:XXX2For instance :SECURE WEBSITE ACCESShttps:// my_ds_aliassecurewebsite.airdns.org:XXX3orhttps:// PUBLICIPOF AIRVPNSERVER.airdns.org:XXX3 1 mrhippy reacted to this Quote Share this post Link to post
nart 1 Posted ... I followed the guide in this thread and managed to set up an AirVPN connection on my Synology DS215j at version 5.2-5592. I subsequently upgraded to 5.2-5644 by resetting to factory settings as I was having some unrelated connectivity issues. I am now trying to configure AirVPN again without success. I tried three different servers and I get the same messages back in the log. When it fails connecting the DSM interface says "Connection failed or certificate expired. Please use a valid certificate issued by the VPN server and try again." My client_oXXXXXXX file looks like this: # -------------------------------------------------------- # Air VPN | https://airvpn.org | Sunday 6th of December 2015 08:39:40 PM # OpenVPN Client Configuration # AirVPN_NL-Alblasserdam_Diphda_UDP-53 # -------------------------------------------------------- client dev tun proto udp remote 213.152.161.164 53 resolv-retry infinite nobind persist-key persist-tun remote-cert-tls server cipher AES-256-CBC comp-lzo no route-delay 5 verb 3 explicit-exit-notify 5 ca ca_o1449434658.crt cert user.crt key user.key tls-auth ta.key 1 float reneg-sec 0 plugin /lib/openvpn/openvpn-down-root.so /usr/syno/etc.defaults/synovpnclient/ log-append /volume1/Downloads/AirVPN/AirVPN.log This is a cut-down version, but I also used one where all lines from both files (AirVPN .ovpn file and generated client_oXXXXXX file) were kept (except the repeating lines). This how the log files looks : Sun Dec 6 20:53:39 2015 OpenVPN 2.3.6 armle-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Oct 7 2015 Sun Dec 6 20:53:39 2015 library versions: OpenSSL 1.0.1p-fips 9 Jul 2015, LZO 2.08 Sun Dec 6 20:53:39 2015 PLUGIN_INIT: POST /lib/openvpn/openvpn-down-root.so '[/lib/openvpn/openvpn-down-root.so] [/usr/syno/etc.defaults/synovpnclient/]' intercepted=PLUGIN_UP|PLUGIN_DOWN Sun Dec 6 20:53:39 2015 WARNING: file 'user.key' is group or others accessible Sun Dec 6 20:53:39 2015 WARNING: file 'ta.key' is group or others accessible Sun Dec 6 20:53:39 2015 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file Sun Dec 6 20:53:39 2015 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sun Dec 6 20:53:39 2015 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sun Dec 6 20:53:39 2015 Socket Buffers: R=[163840->131072] S=[163840->131072] Sun Dec 6 20:53:39 2015 UDPv4 link local: [undef] Sun Dec 6 20:53:39 2015 UDPv4 link remote: [AF_INET]213.152.161.164:53 Sun Dec 6 20:53:39 2015 TLS Error: client->client or server->server connection attempted from [AF_INET]213.152.161.164:53 Sun Dec 6 20:53:41 2015 TLS Error: client->client or server->server connection attempted from [AF_INET]213.152.161.164:53 Sun Dec 6 20:53:45 2015 TLS Error: client->client or server->server connection attempted from [AF_INET]213.152.161.164:53 Sun Dec 6 20:53:53 2015 TLS Error: client->client or server->server connection attempted from [AF_INET]213.152.161.164:53 Sun Dec 6 20:54:09 2015 TLS Error: client->client or server->server connection attempted from [AF_INET]213.152.161.164:53 Sun Dec 6 20:54:39 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Sun Dec 6 20:54:39 2015 SYNO_ERR_CERT Sun Dec 6 20:54:39 2015 TLS Error: TLS handshake failed Sun Dec 6 20:54:39 2015 SIGUSR1[soft,tls-error] received, process restarting Sun Dec 6 20:54:39 2015 Restart pause, 2 second(s) Sun Dec 6 20:54:41 2015 Socket Buffers: R=[163840->131072] S=[163840->131072] Sun Dec 6 20:54:41 2015 UDPv4 link local: [undef] Sun Dec 6 20:54:41 2015 UDPv4 link remote: [AF_INET]213.152.161.164:53 Sun Dec 6 20:54:41 2015 TLS Error: client->client or server->server connection attempted from [AF_INET]213.152.161.164:53 Sun Dec 6 20:54:43 2015 TLS Error: client->client or server->server connection attempted from [AF_INET]213.152.161.164:53 It always looked similar to this with every failed attempt ...and this how the generic ovpnclient.conf file looks like (with username and password removed): [o1449434658] nat=no protocol=udp redirect-gateway=no comp-lzo=no pass=<MyPassword> port=53 reconnect=yes conf_name=AirVPN_Diphda_NL user=<MyUsername> remote=213.152.161.164 Any ideas what's wrong? Quote Share this post Link to post
squ1bby 1 Posted ... Hi nart, I'm using a DS215j on version DSM 5.2-5644 Update 1. Here is my OpenVPN configuration which works: /usr/syno/etc/synovpnclient/openvpn # cat client_o1447195475 # -------------------------------------------------------- # Air VPN | https://airvpn.org | Thursday 5th of November 2015 10:15:39 PM # OpenVPN Client Configuration # -------------------------------------------------------- client dev tun proto udp remote 213.152.161.29 443 resolv-retry infinite nobind persist-key persist-tun remote-cert-tls server cipher AES-256-CBC comp-lzo no route-delay 5 verb 3 # This option can only be used with UDP explicit-exit-notify 5 ca "keys/ca_o1447195475.crt" cert "keys/user.crt" key "keys/user.key" tls-auth "keys/ta.key" 1 script-security 2 redirect-gateway float reneg-sec 0 plugin /lib/openvpn/openvpn-down-root.so /usr/syno/etc.defaults/synovpnclient/scripts/ip-down auth-user-pass /tmp/ovpn_client_up log-append /volume1/homes/Stuart/AirVPN/AirVPN.log 1 nart reacted to this Quote Share this post Link to post
nart 1 Posted ... Hey squ1bby, Thanks for replying! Your configuration did work indeed. Any reason you are using port 443 instead of 53 as recommended in the original guide? I regenerated all the files by selecting port 443 via the website wizard, instead of just replacing the port in the file, just to make sure. One thing I noticed is performance is quite bad in transmission (ports are forwarded)...slow speed, connection stopping altogether although the DSM would say it is still connected (Client Area on the website would also show I'm not connected), etc. I wonder if it's the port? Do you have similar problems? Quote Share this post Link to post
squ1bby 1 Posted ... Hi nart, No specific reason for using port 443. I seem to recall that when I first tested AirVPN I used this port and it worked well so I keep it as that. Maybe at some point over the Xmas period I'll reconfigure it to use port 53 and see what performance is like. I don't have any problems with bad transmission / port speeds etc. I'm in the UK and my connection is provided as FTTC (Fibre to the Cab) at 40Mbps down / 10Mbps up (although in reality I get about 35Mbps / 6Mbps). Downloading from the Internet I can usually get 24 - 30Mbps downstream and almost max out my upstream via AirVPN. I'm currently connected to a server in NL and have been for for 3w 2d according to the website. Where are you located, what is your connection speed and which server are you connected to? What ports are you forwarding - services on your NAS or on a PC? Regards, S. Quote Share this post Link to post
trok79200foe 0 Posted ... Hi, I followed the instructions in this post and have VPN working on my diskstation and have two newbie related questions:If i connect my Diskstation to AirVPN, which is connected to a router AC68U, is my IP and all the diskstation traffic still private and protected? Im assuming it does as that is the whole point behind creating a VPN tunnel however i just wanted to make sure as my diskstation has a static local ip assigned from the routerHas anyone had any luck getting VPN and SSL working on a diskstation? I dont mean to crosspost/threadjack but i tried setting it up per the instructions here but havent been successful so far. Forum post with more details are here Quote Share this post Link to post
rango 0 Posted ... Has anyone had any luck getting VPN and SSL working on a diskstation? I dont mean to crosspost/threadjack but i tried setting it up per the instructions here but havent been successful so far. Forum post with more details are hereI have the same question. I get very poor speeds on my Airvpn connection and am hoping that SSL helps. There doesn't seem to be a simple set of instructions on the web to get Stunnel working with Synology's openvpn client (using Airvpn connection). Quote Share this post Link to post
TeranFethril 0 Posted ... Has anyone had any luck getting VPN and SSL working on a diskstation? I dont mean to crosspost/threadjack but i tried setting it up per the instructions here but havent been successful so far. Forum post with more details are hereI have the same question. I get very poor speeds on my Airvpn connection and am hoping that SSL helps. There doesn't seem to be a simple set of instructions on the web to get Stunnel working with Synology's openvpn client (using Airvpn connection). Hello everyone, I currently use STUNNEL with AirVPN on a Synology RS815+. My Internet connection can use a maximum of 400Mbit down. With STUNNEL and OpenVPN on the 443 port to reach 350 Mbit at 60% CPU load. Without STUNNEL I come to about 35 Mbit.Speed Test:wget -O /dev/null http://cachefly.cachefly.net/100mb.test You can install STUNNEL with IPKG on your Synology. Then start "/opt/sbin/stunnel "/volume1/homes/admin/airvpn/$CONFIG_NAME.ssl". Replace $config_name accordingly.Then you can start your OpenVPN client of the Synology DiskStation withsynovpnc reconnect --protocol=openvpn --name=$CONFIG_NAME --retry=$CONFIG_RECONNECTION --interval=$CONFIG_INTERVAL Greeting, Teran Quote Share this post Link to post
Xiocus 9 Posted ... Thanks for this guide... I have followed the guide step by step and I believe it is silly but, I am stock at the very end... When I try to copy user.crt, user.key, ta.key to /usr/syno/etc/synovpnclient/openvpn I get this message: cp. cannot create regular '/usr/syno/etc/synovpnclient/openvpn/user.crt' : Permission denied. I have check the permission on the files and nothing seems to be out of normal compared to when I copied back the edited client_oXXXXXXXX... Any hint would be highly appreciated!! SOVED: If anyone runs into this troubles just type *sudo cp* Quote Share this post Link to post
sannolikhet 0 Posted ... Hey, anyone managed to get Synology rt1900ac router connecting via AirVPN? Quote Share this post Link to post
carrey.gray@yahoo.com 0 Posted ... Hi there, I am running DSM 6.0.1-7393 on my DS716+ and I followed your instructions to the letter. However, when I try to connect I get the following message: "Connection failed or certificate expired. Please use a valid certificate issued by the VPN server and try again" I did it all from start to finish this morning, so I am really stuck as to what might be going wrong. I've tried the help desk, but I'm not getting any response. I would love some help from an experienced user. Thank you so much!Carrey Quote Share this post Link to post
Mikeyy 49 Posted ... With DSM 6, you don't need to follow everything in this tutorial. DSM evolved and now you don't need to SSH at all. Go to Control Panel - Network - Network interfacesCreate - Create VPN profileChoose 3rd option, "OpenVPN (via importing a .ovpn file)"In next window click "Advaced options" so it shows everything. If you followed @neolefort tutorial, you will have all needed files after you used AirVPN generator.Field "Certificate revocaton" you will leave empty. That's all, it works. Quote Share this post Link to post