Jump to content
Not connected, Your IP:

Search the Community

Showing results for tags 'synology'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • AirVPN
    • News and Announcement
    • How-To
    • Frequently asked questions
    • Databases
  • Community
    • General & Suggestions
    • Troubleshooting and Problems
    • Blocked websites warning
    • Eddie - AirVPN Client
    • Reviews
    • Other VPN competitors or features
    • Nonprofit
    • Off-Topic
  • Other Projects
    • IP Leak
    • XMPP
    • Mirrors
    • Net Neutrality Monitor

Product Groups

  • AirVPN Access
  • Coupons
  • Misc

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start



Website URL







XMPP / Jabber




Found 8 results

  1. Hello all, This is collection from different tutorials which I will refer here, but usually changed since some things changed. Setting up VPN on Synology is modified neolefort tutorial from here and reconnect script if from sundi which you can find here, which probably modified this script, plus my iptables for blocking Synology on router level when VPN fails. Other contributions: foobar666 - you no longer need to enter variables manually _sinnerman_ - fixed script for DS 6.1 I'm doing this mostly because I usually forget things I managed to solve after year or two, so this is way to have constant reminder how it was solved and also help others. 1. Get your certificates from AirVPN. Go to the https://airvpn.org/generator/ page to generate the configuration file. (1) SELECT LINUX OS (2) SELECT 1 SERVER (refer to section "by single servers") OR COUNTRY OR ANYTHING ELSE YOU WANT In original tutorial, neolefort said to choose 1 server, because in that case you will get IP instead of xxx.airvpn.org domain. Choosing 1 server is safe because it doesn't need working DNS when you want to connect to VPN. If you choose anything else, you need working DNS on your router when establishing VPN connection. (3) SELECT the Advanced Mode (refer to section "connection modes") -select Direct, -protocol UDP, -port 443 -Separate keys/certs from .ovpn file You can choose any combination of protocol/port, but then also change iptables accordingly if you are using failsafe script. (4) ACCEPT THE RULES OF AIRVPN Tick the two checkboxes : I have read and I accept the Terms of Service I HEREBY EXPLICITLY ACCEPT POINTS 8, 10, 11 Then click on the GENERATE button. (5) Click on the ZIP button in order to download the AIRVPN configuration files and unzip them anywhere on your computer The ZIP archive should contain the following files: -AirVPN_XXXXX_UDP-443.ovpn -ca.crt -user.crt -user.key -ta.key 2. Setup AirVPN on Synology. In new DSM 6 it's much more easier since Synology developers allowed everything in GUI now. - Login as admin or with user from Administrator group. - Open Control panel. - Go "Network" and click on tab "Network Interface" - Click on button "Create" - "Create VPN profile" - Choose "OpenVPN (via importing .ovpn file) - Click "Advanced options" so it shows all options - Profile name: anything you want, but please keep is short and if you can without spaces " ", for example "AirVPN". - User name: Enter your username (anything you want, or you can enter AirVPN username) - Password: Enter your password (anything you want, or you can enter AirVPN password) - Import .ovpn file: click button and import your AirVPN_XXXXX_UDP-443.ovpn - CA certificate: click button and import your ca.crt - Client certificate: click button and import your user.crt - Client key: click button and import your user.key - Certificate revocation: LEAVE EMPTY - TLS-auth key: click button and import your ta.key - Click "Next" - Select all options, EXCEPT "Enable compression on the VPN link" (well, you can select that also if you really want, but don't ) Now you have working OpenVPN link on your Synology DS6+. You just need to start it from "Control panel" - "Network" - "Network Interface". EXTRAS!!! 3. Setting up external access to your Synology. First what you will notice is, "I CAN'T ACCESS MY SYNOLOGY FROM OUTSIDE OF MY LAN!!!!!!! OMG OMG OMG!!!!" I will not explain port fowards on your router here, if you don't know how to make one, learn! (1) You can port forward trough AirVPN webpage and access your Syno via VPN exit IP. This sometimes works, most of times it doesn't since Syno has some ports you cannot change. Anyway, change your default HTTP / HTTPS port on Syno to your forwarded AirVPN port and you should be fine. But forget about Cloudstation and similliar things. (2) If you want to access Syno via you ISP IP (WAN), then problem is, your Syno is receiving your connection, but it's replying trough VPN. That's a security risk and those connections get droped. But there is solution! - Access "Control panel" - "Network" - "General" - Click "Advanced Settings" button - Mark "Enable multiple gateways" and click "OK" and then "Apply" You're done! It's working now (if you forwarded good ports on your router). 4. Prevent leaks when VPN connection on Synology fails. There will be time, when you VPN will fail, drop, disconnect, and your ISP IP will become visible to world. This is one of ways you can prevent it, on router level. For this you need Tomato, Merlin, DD-WRT or OpenWRT firmware on your router. I will tell you steps for Tomato router. If you are using different firmware, then you need to learn alone how to input this code into your router. Since Shibby version 129 for ARM routers, syntax of iptables changed and depending on which version of iptables you are using, apply that code. - Login to your router (usually just by entering into your browser, if your IP is different, find out which is your gateway IP). - Click on "Administration" - Click on "Scripts" - Choose tab "Firewall" For Shibby v129 for ARM and later (iptables 1.4.x) us this: #Use this order of commands because it executes in reverse order. #This command will execute last, it kills all UDP requests. iptables -I FORWARD -p udp -s -j REJECT #This command will execute second and will block all TCP source ports except those needed for web access or services iptables -I FORWARD -p tcp -s -m multiport ! --sports 5000,5001,6690 -j REJECT #This command will execute first and will ACCEPT connection to your VPN on destination port 443 UDP iptables -I FORWARD -p udp -s -m multiport --dports 443 -j ACCEPT For earlier Shibby versions and later for MIPS routers:#Use this order of commands because it executes in reverse order. #This command will execute last, it kills all UDP requests. iptables -I FORWARD -p udp -s -j REJECT #This command will execute second and will block all TCP source ports except those needed for web access or services iptables -I FORWARD -p tcp -s -m multiport --sports ! 5000,5001,6690 -j REJECT #This command will execute first and will ACCEPT connection to your VPN on destination port 443 UDP iptables -I FORWARD -p udp -s -m multiport --dports 443 -j ACCEPT Port TCP 5000 = HTTP for for Synology web access (change to your if it's not default)Port TCP 5001 = HTTPS for for Synology web access (change to your it's not default) Port TCP 6690 = Cloud Station port Port UDP 443 = AirVPN connection port which you defined in step 1 of this tutorial. If you are using TCP port, then you need to change "-p udp" to "-p tcp" in that line. If you need more ports, just add them separated by comma ",". If you want port range, for example 123,124,125,126,127, you can add it like this 123:127. Change IP to your Synology LAN IP. Be careful NOT TO assign those ports to your Download Station on Synology. This isn't perfect, you can still leak your IP through UDP 443, but since torrent uses mostly TCP, those chances are minimal. If you use TCP port for VPN, then those chances increase. If you really want to be sure nothing leaks even on UDP 443 (or your custom port), you need to choose 1 (ONE) AirVPN server. You need to find that server entry IP and change last IPTABLES rule to something like this: iptables -I FORWARD -p udp -s -d 123.456.789.123 -m multiport --dports 443 -j ACCEPT Where 123.456.789.123 is AirVPN server entry IP. This will allow UDP 443 only for that server, rest will be rejected by router. These are all my opinions, from my very limited knowledge, which may be right and may be wrong. 5. Auto reconnection when VPN is down. Since when you made your VPN connection on your Synology, you checked "Reconnect" option, Syno will try to reconnect automaticly when connection fails. But in some cases, your network will be offline long enough and Syno will stop trying to reconnect, or will hang with VPN connection established, but not working. In those cases you can use this auto reconnect script. This is reconnect script. Save it in file named whatever you want. I'm using file name "synovpn_reconnect". All instructions how to use it are inside script in comments, but I will repeat them in this post also. #VPN Check script modified Sep 11, 2016 #Script checks if VPN is up, and if it is, it checks if it's working or not. It provides details like VPN is up since, data #received/sent, VPN IP & WAN IP. #If VPN is not up it will report it in the log file and start it #Change LogFile path to your own location. #Save this script to file of your choosing (for example "synovpn_reconnect"). Store it in one of your Synology shared folders and chmod it: "chmod +x /volume1/shared_folder_name/your_path/synovpn_reconnect" #Edit "/etc/crontab" and add this line without quotes for starting script every 10 minutes: "*/10 * * * * root /volume1/shared_folder_name/your_path/synovpn_reconnect" #After that restart cron with: "/usr/syno/sbin/synoservicectl --restart crond" #!/bin/sh DATE=$(date +"%F") TIME=$(date +"%T") VPNID=$(grep "\[.*\]" /usr/syno/etc/synovpnclient/openvpn/ovpnclient.conf | cut -f 2 -d "[" | cut -f 1 -d "]") VPNNAME=$(grep conf_name /usr/syno/etc/synovpnclient/openvpn/ovpnclient.conf | cut -f 2 -d "=") LogFile="/volume1/video/Backup/airvpn/check_airvpn_$DATE.log" PUBIP=$(curl -s -m 5 icanhazip.com) #PUBIP=$(curl -s -m 5 ipinfo.io/ip) #PUBIP=$(curl -s -m 5 ifconfig.me) CHECKIP=$(echo $PUBIP | grep -c ".") start_vpn() { echo "VPN is down. Attempting to (re)start now." >> $LogFile /usr/syno/bin/synovpnc kill_client --protocol=openvpn --name=$VPNNAME echo 1 > /usr/syno/etc/synovpnclient/vpnc_connecting echo conf_id=$VPNID > /usr/syno/etc/synovpnclient/vpnc_connecting echo conf_name=$VPNNAME >> /usr/syno/etc/synovpnclient/vpnc_connecting echo proto=openvpn >> /usr/syno/etc/synovpnclient/vpnc_connecting /usr/syno/bin/synovpnc reconnect --protocol=openvpn --name=$VPNNAME >> $LogFile } sleep 6 echo "======================================" >> $LogFile echo "$DATE $TIME" >> $LogFile if ifconfig tun0 | grep -q "00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00" then if [ "$CHECKIP" == 1 ] then IPADDR=$(/sbin/ifconfig tun0 | grep 'inet addr' | cut -d: -f2 | awk '{print $1}') RXDATA=$(/sbin/ifconfig tun0 | grep "bytes:" | cut -d: -f2 | awk '{print $1,$2,$3}') TXDATA=$(/sbin/ifconfig tun0 | grep "bytes:" | cut -d: -f3 | awk '{print $1,$2,$3}') UPTIME=$(cat /var/log/messages | grep "$IPADDR" | awk '{print $1}' | tail -1) UPTIME=$(date -d"$UPTIME" +"%Y/%m/%d %H:%M:%S") echo "VPN is up since: $UPTIME" >> $LogFile echo "Session Data RX: $RXDATA" >> $LogFile echo "Session Data TX: $TXDATA" >> $LogFile echo "VPN IP is: $IPADDR" >> $LogFile echo "WAN IP is: $PUBIP" >> $LogFile else start_vpn fi else start_vpn fi exit 0 (1) Enable SSH on your Synology if you didn't already. - As admin go to "Control panel" - "Terminal & SNMP" (you need to enable advanced mode in top right corner of control panel for this) - Check "Enable SSH service" - Click "Apply" (2) Save script above in file "synovpn_reconnect". Make sure to save it in UNIX UTF8, not windows. You can do that on windows with Notepad++, just open file with Notepad++, click "Encoding" - "Convert to UTF-8 without BOM" and them save file. (3) Edit script variables so it works for your system. You only need to edit this part: LogFile="/volume1/video/Backup/airvpn/check_airvpn_$DATE.log" Thanks to foobar666, you no longer need to enter VPNID or VPNNAME, it will detect them automatically. Now you only need to change your LogFile variable to match your wishes. After you finish editing script, save it. (4) Move or copy "synovpn_reconnect" to your Synology shared drive. Doesn't matter which, just be sure to know full path to it. If you only have 1 volume/drive, with multiple shared folders, your path should look similar to this: /volume1/shared_folder_name/your_path/ So for example, if you keep your files in default CloudStation folder, your path should look something like this:/volume1/home/your_username/CloudStation/ You can also do all this with VI, check original tutorial for that. (5) Now use Putty if you are on windows, or your terminal on linux, to access your Synology via SSH. I will not tutor you how to do that, learn. admin@ or username@ + password, or whatever your Syno LAN IP is. (6) Now type this into Putty/terminal: sudo chmod +x /volume1/shared_folder_name/your_path/synovpn_reconnect You need to chmod it to be executable. You will notice I use "sudo". It's because my admin username isn't default "admin". If you are using default "admin" user, then you probably don't need sudo. (7) Setup cron so it automatically starts your script every X minutes / hours / days. To setup it enter this: vi /etc/crontab And then press "i" to enter editing mode. Go to last line, and start new line with this:*/10 * * * * root /volume1/shared_folder_name/your_path/synovpn_reconnect Note that those ARE NOT spaces, those are TABS. This will start your script every 10 minutes. Change to whatever you want.Then press ESC key, and then type: :wq To exit VI and save file. After that type: /usr/syno/sbin/synoservicectl --restart crond To restart cron (or restart your Synology). Tip: If you don't want logfile, you can comment out those lines, or remove ">> $LogFile" code from whole script. That's all. If you entered everything correctly, you should be fine and ready to go! Comments are welcome. If you find mistakes, please correct me.
  2. Let me start by saying I am not that confident with networking but have some limited experience. I was having problems connecting to my Synology DS1817+ from the internet. I am running OpenVPN on a ddwrt router on which I have made no changes. I did forward 2 ports to 5000 and 5001 in the AIRVPN Client Area but nothing was working. I read everything I could find within the AIR VPN forums ,Synology's , and beyond. In the end my problem was solved when I changed my DDNS address in Synology -Control Panel - External Access - DDNS to something like Sorry to just now get to the point. 1. Did I create a security vulnerability? 2. Is this the correct method to setup external access to my N.A.S.? 3. Should I consider entering an ip table into the ddwrt that only forwards those ports to my N.A.S.? Thank you in advance for any advice/information here. Ryan
  3. Hi, I exactly followed all steps for creating a VPN on Synology. I have established a successful VPN connection - which is visible on in my AirVPN client area > overview page. The thing is that I cannot access the internet (Download Manager) - even ping (using putty) is not responding after having made the VPN connection.Btw - I deliberatly did not (yet) make any portforwarding changes, as I wanted to see if something as simple as this would work.Because I thought it might be a firewall issue, I temporary disabled my router firewall - no luck. Hope you could get me in the right direction... Netstat before and after making VPN connection. DiskStation> netstat -nrKernel IP routing tableDestination Gateway Genmask Flags MSS Window irtt Iface0.0.0.0 UG 0 0 0 eth0192.168.0.0 U 0 0 0 eth0DiskStation> netstat -nrKernel IP routing tableDestination Gateway Genmask Flags MSS Window irtt Iface0.0.0.0 UG 0 0 0 tun00.0.0.0 UG 0 0 0 eth010.8.0.0 U 0 0 0 tun0128.0.0.0 UG 0 0 0 tun0192.168.0.0 U 0 0 0 eth0213.152.161.73 UGH 0 0 0 eth0213.152.161.73 UGH 0 0 0 eth0
  4. Oh boy, not sure what I did. So recently I switched from PIA (Private Internet Access) to AirVPN because I needed the ability to access my PLEX server remotely when my VPN was enabled. I was able to set this up correctly however for some reason, I am unable to access my media library now. My files are sitting on a synology NAS connected to my network. Are there any other settings I need to do so that when I access PLEX and AirVPN is enabled, it will be able to browse my network storage? Also, I enabled network lock after reading what it is used for. Soon after, I ran into some issues so I disabled it to perform some debugging. Unfortunately, even though it is disabled, when I close AirVPN, I am unable to access the internet from my server. As soon as I turn on AirVPN, my connection restores. I tried to restart to flush the setting but no luck. I bit off more than I can chew apparently. Any advice would be greatly appreciated. I attached some screenshots I thought would be helpful. If there are any other details needed, please let me know. Thank you in advance!
  5. Hello, I'm a newly subscriber to AirVPN, I followed the guide to connect to AirVPN server with my Synology, so far so good My question is the following, is it normal to have reduced speed when using AirVPN ? I mean without AirVPN : 2.7 MB/s on Newsgroup With AIrVPN, after trying different servers , max I could get was 2.3 MB/s My upload is limited to 120KB/s in any case. So it's not a drastic fall in download speed but still is it a normal speed with vpn ? I have another VPN and I get just a bit more about 2.4 MB/s Any one with experience on synology noticed the same ? (The worst is when i activate some cloud sync while downloading without VPN it is 2.4 MB/s down and 120 KB/s up and with VPN 1.5 MB/s down and 120 KB/s up)
  6. Hello, I installed successfully an AirVPN connexion on my synology station using those instructions The goal is to redirect all the torrent traffic (Download Station application) through the VPN tunnel. The thing is that I have other services on this synology server, like cloud station etc.. To use those services I use a dynamic DNS name (currently at no-ip.org). Problem is that when I am connected through the VPN tunnel, those services don't work anymore. What is the best approach to this problem ? In my mind, the best would be to be able to split the traffic on my synology server i.e. to redirect only the traffic of the Download Station application through the VPN but not the rest. I have not been able to find a clear "How to do this" and I don't even know if it is possible. Other possibilities would be to open some ports on the vpn servers I am using if I have understood correctly. Thanks in advance if you have more detailed instructions or ideas on how to achieve this goal.
  7. How do I prevent an IP leak when I use AIRVPN with my Synology NAS download manager and my VPN connection drops and reverts to my home IP. How would I be able to prevent the download station from downloading if the VPN drops connection? I've done it on the PC just dont know how I would do it on the DiskStation. Thanks In Advance
  8. Just wanted to know how fast everyone is getting on their download and upload on their synology NAS while on the VPN downloading torrents. What is the optimal port and protocal to use TCP or UDP. When i tried the download station behind the VPN is was only getting less then 400 KB DL. On my computer I get about 1.2 MB max. I have a 60 Mb connection.
  • Create New...