Jump to content


Photo
* * * * * 4 votes

How to configure a Synology device


Best Answer neolefort, 23 November 2015 - 12:08 PM

PDF LINK for download with images:  https://1fichier.com/?ycqsixfviw

WORD LINK if you want to improve this method: https://1fichier.com/?kjmy10cf0s

 

Synology NAS Setup Guide for AIRVPN

This guide was produced using Diskstation Manager (DSM) v5 ;

DSM's GUI for connecting to OpenVPN doesn't allow for all of the required parameters to be set. Some manual steps are required to complete configuration of an OpenVPN connection to AIRVPN.

It requires accessing and copying files outside of the DSM GUI by connecting to the NAS drive through SSH.

 

STEP 0 – PRELIMINARY STEP OPEN TEMPORARY THE SSH PORT (22).

To enable SSH access in DSM. Open DSM, navigate to Control Panel -> Terminal & SNMP.

 

 

STEP 1 - DOWNLOAD THE CONFIGURATION ZIP FILE FROM AIRVPN GENERATOR

Go to the  https://airvpn.org/generator/ page to generate the configuration file.

(1. SELECT  LINUX OS)

 

 

(2. SELECT only 1 SERVER AIRVPN – refer to section by single servers )

In this exemple, i will take the FR-MARFIC server.

(3. SELECT the Advanced Mode – refer to section connection modes)

-select Direct,

-protocol UDP,

-port 53

-Separate keys/certs from .ovpn file

(4. ACCEPT THE RULES OF AIRVPN)

Tick the two checkboxes :

I have read and I accept the Terms of Service
I HEREBY EXPLICITLY ACCEPT POINTS 8, 10, 11

Then click on the GENERATE button.

 

Click on the ZIP button in order to download the AIRVPN configuration files.

Unzip the files into a shared folder on your diskstation DSM. In my example, i have created a shared folder on my diskstation  /DSM/UPLOAD  (Work folder or temp folder)

 

The ZIP archive should contain the following files:

- AirVPN_XXXXX_UDP-53.ovpn;  XXXXX it is corresponding to your single selected server.

-ca.crt

-user.crt

-user.key

 

STEP 2 – CREATION OF THE VPN PROFILE ON THE DSM SYNOLOGY OS V5

To create a VPN profile on the DSM. Open DSM, go to Control Panel -> Network -> Network Interface tab.

-Click on Create -> Create VPN profile.   

 

- Select OpenVPN radio button and click Next.

-In General Settings:

Profile Name:                   AIRVPN_FR_MARFIC (my example, put here the name of  your selected server)

Adresse Serveur:            195.154.194.18  IP of MARFIC server (you will find the IP of your selected server in the configuration file of AirVPN_XXXXX_UDP-53.ovpn)

Login:    LOGIN AIRVPN (you use to connect the AIRVPN website)

Password:                          Password AIRVPN (you use to connect the AIRVPN website)

Port:                                     53

Protocol:                             UDP

Certificate:                         Import here the  ca.crt file

Then click on the Next button.

Define the Advanced settingds (SELECT ALL :  EXCEPT the ‘Enable compression on the VPN link’)

To finish the creation of the VPN profile, click on Apply button.

You'll now have a VPN connection in the Network Interfaces section of your DSM's GUI.  Attempting to connect will fail though. It is normal. The DSM configuration file will need to be MODIFIED directly on the NAS drive through SSH port with Putty.

 

STEP 3 – MODIFICATION OF THE VPN PROFILE WITH PUTTY (SSH client) THROUGH SSH PORT TO MAKE IT COMPATIBLE WITH THE AIRVPN

Connect directly Putty (SSH client) to your NAS Synology (SSH port is OPENED - refer STEP 0).

Open Putty and connect to DSM using the root account. Password will be the same as the 'admin' account password for DSM (you can change this password by logging into DSM using any account that is in the administrator group and going to Control panel -> Users).

Execute the following commands, line by line :

cd

cd ..

cd usr/syno/etc/synovpnclient/openvpn

dir

You must see at least this configuration files, in the folder usr/syno/etc/synovpnclient/openvpn

XXXXXXXX = 1378254898 in my example. This is the ID of the connection which is automatically attributed.

Copy the file client_oXXXXXXXX  to a shared folder somewhere on the diskstation with the commande line below.  In my exemple, /volume1/DSM/UPLOAD

cp client_oXXXXXXXX /volume1/DSM/UPLOAD

 

Edit the client_oXXXXXXXX file with a text editor like Notepad or Notepad++ which is located in the shared folder.  

DO THE MODIFICATIONS FOLLOWINGS in order to merge the VPN profile of DSM and AIRVPN configuration files:

  1. At the end of the client_oXXXXXXXX file, add all the lines of the AirVPN_XXXXX_UDP-53.ovpn
  2. Then insert # before the lines already present to merge the two configurations
    So, we only keep 11 lines of AirVPN_XXXXX_UDP-53 in this modified client_oXXXXXXXX file and SAVE the modificated client_oXXXXXXXX file.
The modificated client_oXXXXXXXX file will look similar to below :

dev tun

tls-client

remote SERVERIP PORT of your selected AIRVPN server

pull

proto udp

up /usr/syno/etc.defaults/synovpnclient/scripts/ovpn-up

route-up /usr/syno/etc.defaults/synovpnclient/scripts/route-up

ca ca_oXXXXXXXXX.crt  ID of your VPN profile

redirect-gateway

script-security 2

float

reneg-sec 0

explicit-exit-notify

plugin /lib/openvpn/openvpn-down-root.so /usr/syno/etc.defaults/synovpnclient/scripts/ip-down

auth-user-pass /tmp/ovpn_client_up

# --------------------------------------------------------

# Air VPN | https://airvpn.org | Sunday 22nd of November 2015 10:42:53 AM

# OpenVPN Client Configuration

# AirVPN_FR-Paris_Marfic_UDP-53

# --------------------------------------------------------

 

#client                                                                NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINE

#dev tun                                            NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINE

#proto udp                                       NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINE

#remote SERVERIP  PORT           NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINE

resolv-retry infinite

nobind

persist-key

persist-tun

remote-cert-tls server

cipher AES-256-CBC

comp-lzo no

#route-delay 5                                NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINE

verb 3

#explicit-exit-notify 5                   NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINE

#ca "ca.crt"                                       NE PAS GARDER CETTE LIGNE ACTIVE-DO NOT KEEP ACTIVE THIS LINE

cert "user.crt"

key "user.key"

tls-auth "ta.key" 1

Now, we will replace the client_oXXXXXXXX file by the modificated client_oXXXXXXXX file into the folder usr/syno/etc/synovpnclient/openvpn

NOTE: When copying use 'cp –f' to force overwrite of existing files in the destination. In root mode, -f is not mandatory. Check the last modification date of the client_oXXXXXXXX file with the command dir in the current folder usr/syno/etc/synovpnclient/openvpn

 

For my example, execute the command line :

cp /volume1/DSM/UPLOAD/client_oXXXXXXXX /usr/syno/etc/synovpnclient/openvpn

 

 

Do similar for the other downloaded AIR VPN configuration files :

cp /volume1/DSM/UPLOAD/user.crt /usr/syno/etc/synovpnclient/openvpn

cp /volume1/DSM/UPLOAD/user.key /usr/syno/etc/synovpnclient/openvpn

cp /volume1/DSM/UPLOAD/ta.key /usr/syno/etc/synovpnclient/openvpn

 

it s DONE. Ready J Your AIR VPN ACCESS is correctly configurated for SYNOLOGY OS v5.

NOTES:

Please note that if you make any changes to VPN profile using the DSM GUI the changes you made to the configuration file will be overwritten and it will have to be edited again.

Any VPN configuration changes made and saved through the Synology VPN control panel will result in the client_oXXXXXXXX file being overwritten and reset to its original state before the manual edits described above, which basically renders the configuration unusable with AirVPN; if this happens the file should be restored from a previously saved backup using a cp (copy) command like the ones above; so when you get the configuration working, create a backup of the client_XXXXXXXX file somewhere safe.

STEP 4 – HOW TO ACCESS TO YOUR SYNOLOGY SERVER FROM INTERNET WHEN AIRVPN IS CONNECTED ON YOUR DSM

 

  1. Fowarding ports from Public IP to connect to your DSM Synology server through AIRVPN connected.

(https://www.youtube.com/watch?v=pFcDYptkqBA )

 

You can forward up to 20 ports simultaneously. You can do that on our website, in your account "Client Area". You can't forward ports lower than 2048. You can map a remotely forwarded port to a different local port: this is useful for a variety of cases, for example when your service listens to a port lower than 2048 or when it is already reserved. https://airvpn.org/faq/port_forwarding/

 

 

I advice you to open the forwarded ports on your Client area of AIRVPN website:

 

Forwarded port : XXX0

Protocol : TCP & UDP

Local port: 5000

DDNS: my_ds_aliashttp

 

Forwarded port : XXX1

Protocol : TCP & UDP

Local port: 5001

DDNS: my_ds_aliashttps

 

Forwarded port : XXX2

Protocol : TCP & UDP

Local port: 80

DDNS: my_ds_aliaswebsite

 

Forwarded port : XXX3

Protocol : TCP & UDP

Local port: 443

DDNS: my_ds_aliassecurewebsite

 

 

  1. Access through HTTP or HTTPS according to your DSM connection configuration:

( https://www.synology.com/en-us/knowledgebase/tutorials/611 )

 

http://my_ds_alias.airdns.org:forwarded_port/webman/index.cgi

or

http://PUBLICIP ofAIRVPNSERVER:forwarded_port/webman/index.cgi

 

 

https://my_ds_alias.airdns.org:forwarded_port/webman/index.cgi

or

https://PUBLICIP ofAIRVPNSERVER:forwarded_port/webman/index.cgi

 

 

my_ds_alias= according to the service you want to access

forwarded_port= associated to your service

 

 

 

 

For instance :

HTTP ACCESS

http:// my_ds_aliashttp.airdns.org:XXX0/webman/index.cgi

or

http:// PUBLICIPOF AIRVPNSERVER.airdns.org:XXX0/webman/index.cgi

For instance :

HTTPS ACCESS

https:// my_ds_aliashttp.airdns.org:XXX1/webman/index.cgi

or

https:// PUBLICIPOF AIRVPNSERVER.airdns.org:XXX1/webman/index.cgi

 

For instance :

WEBSITE ACCESS

http:// my_ds_aliaswebsite.airdns.org:XXX2

or

http:// PUBLICIPOF AIRVPNSERVER.airdns.org:XXX2

For instance :

SECURE WEBSITE ACCESS

https:// my_ds_aliassecurewebsite.airdns.org:XXX3

or

https:// PUBLICIPOF AIRVPNSERVER.airdns.org:XXX3

Go to the full post


  • Please log in to reply
69 replies to this topic

#1 afurbano

afurbano

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 31 May 2012 - 04:01 PM

Hi guys,

Anyone knows how to configuration a synology server to work through Airvpn servers?

Thanks

#2 ranjeetsodhi

ranjeetsodhi

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 26 August 2012 - 11:26 PM

bump!! need help with this as well. I have run the OpenVPN connection on my Mac without any issues, but haven't been able to get the OpenVPN client on Synology to even complete the setup - it just goes into a endless sleep state..

Anybody have a Synology NAS 4.0 or 4.1 Beta configured with AirVPN?

#3 Staff

Staff

    Advanced Member

  • Staff
  • PipPipPip
  • 7789 posts

Posted 26 August 2012 - 11:36 PM

Hello!

We're sorry, as far as we know the Synology NAS is not fully compatible with OpenVPN in client mode because it does not support double certificate+key authentications. Please refer to the Synology customer support.

Kind regards

#4 ranjeetsodhi

ranjeetsodhi

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 26 August 2012 - 11:38 PM

Is there any way to get PPTP to work with a Synology NAS (running DSM 4.1Beta)?

#5 Staff

Staff

    Advanced Member

  • Staff
  • PipPipPip
  • 7789 posts

Posted 26 August 2012 - 11:40 PM

Is there any way to get PPTP to work with a Synology NAS (running DSM 4.1Beta)?



Hello!

We don't provide PPTP access. Please refer to the Synology customers' support.

Kind regards

#6 ranjeetsodhi

ranjeetsodhi

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 26 August 2012 - 11:41 PM

Thanks much for the quick response.

#7 Shakazulu

Shakazulu

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 07 March 2013 - 10:38 PM

Synology allows for application to built for it. Has anyone built an airvpn application that can be installed on the synology device. Just want to reopen this thread. This seems like a real need for that system.

#8 janern

janern

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 15 August 2013 - 10:08 PM

This was the sole purpose for me just bying the 6 month package. So this was very disappointing. I just took it for granted that it would work. A couple of weeks ago I tried Astrill's free trial, and was completely able to use that on my Synology NAS, they even had a wiki-page about it; http://wiki.astrill.com/index.php/Astrill_Setup_Manual:How_to_get_OpenVPN_working_on_Synology_NAS , (feel free to remove the link from the post if i'm overstepping here. just providing you information about the "competition" :) ) I was thinking it should work the same way, but i didn't seem to.



#9 Staff

Staff

    Advanced Member

  • Staff
  • PipPipPip
  • 7789 posts

Posted 16 August 2013 - 12:15 AM

@janern

 

We are not removing the link because it gives us the option to talk about an important security issue.

 

With our service, you don't even have to create manually a file. Our Configuration Generator will generate all the files needed by OpenVPN.

 

Make sure to tick "Advanced Mode", and then tick "Separate certs/keys from .ovpn file".

 

Unfortunately, the instructions you linked talk only about a ca certificate, as if the Astrill authentication method is based only on that (with, optionally, login and password, which would be even worse). That's really a very bad way to build a secure & trusted VPN. Our authentication method is based on client certificate, server certificate and client key, with TLS re-keying at each connection and every 60 minutes (Perfect Forward Secrecy). No VPN server keeps any database of login names, passwords, user names or anything else. This is the correct way to provide a higher security service with OpenVPN. It is so obvious that we are astonished that you even compare a service without the aforementioned features with AirVPN.

 

Since security and strength of the anonymity layer are one of our highest priorities, we're sure you'll understand our decision to never compromise the system to meet the needs of devices that do not implement all the OpenVPN features (IF it's your case, of course), even if that would mean to have some gullible customers that with the current system we can't have.

 

If some services meet your need and our service does not because it provides a much higher security level, it's unfair to blame us, and not only in consideration of the fact that we clearly list all the systems that are compatible with our service. You should blame VPN providers and manufacturers that do not offer the better security options. We see that you have already asked for a refund and that the refund has been granted, so you are free to pick the service that you prefer. If you think that security is not of your concern, there are literally hundreds of low security, low privacy VPN services on the Internet that you can use. Our service will not compromise security and/or privacy for marketing reasons.

 

Kind regards



#10 phantasteek

phantasteek

    Newbie

  • Members
  • Pip
  • 9 posts

Posted 05 September 2013 - 12:13 AM

I have actually been able to successfully connect my Synology DS211j. I got a three day trial, configured it and got it running properly yesterday. The only issue I've had was the inability to reconnect automatically upon disconnect.

 

If Air staff are ok, I can share the steps I've followed to configure the connection. In principle I've generated and downloaded the configuration files, uploaded the cert and key files to the diskstation using a terminal connection, created a placeholder OpenVPN connection in the Synology diskstation's VPN control panel using the user cert I uploaded, then downloaded the configuration file from the station using terminal, modified it to use all Air parameters and keys/certificates and finally uploaded it back to the diskstation and connected.

 

Staff, please let me know if it's ok to post details and if you'd like to see my connection logs to confirm all is good from a security standpoint.

 

Thanks.



#11 Staff

Staff

    Advanced Member

  • Staff
  • PipPipPip
  • 7789 posts

Posted 05 September 2013 - 01:47 AM

@phantasteek

 

Hello!

 

Of course, it's just fine, thank you! Also feel free to publish or send us in private the connection logs.

 

Kind regards



#12 Royee

Royee

    Advanced Member

  • Members
  • PipPipPip
  • 114 posts

Posted 05 September 2013 - 04:03 PM

Another possible choice and work around is to use a tomato Router with VPN already ?   that way anything connected to the router via ethernet is running through the VPN.  All your apps on the Synology torrent etc should in theory be running through the VPN.

 

One can always buy a Asus RT-N16 for around £40-60 off ebay easily,  if you add firewall rules you can further safe guard yourself in case the VPN drops out also.

 

I am only guessing the above however !  but in theory it should work



#13 Staff

Staff

    Advanced Member

  • Staff
  • PipPipPip
  • 7789 posts

Posted 05 September 2013 - 05:26 PM

@Royee

 

Yes, absolutely. We have very many customers who connect their whole house or office to a VPN server via a Tomato, DD-WRT or other supporting OpenVPN firmware builds. As you can see, we provide instructions to configure both Toastman Tomato and DD-WRT ('OpenVPN-flavored') through the router web interface.

 

One thing to keep in mind, though: consumers' routers CPU processing power is not outstanding for real time AES encryption/decryption. Our OpenVPN Data Channel cipher is AES-256-CBC. Consumers' routers CPU will be able to handle no more than 7-10 Mbit/s AES throughput, due to encryption and decryption on the fly, so the connected devices will be "capped" at that maximum TOTAL throughput.

 

Kind regards



#14 phantasteek

phantasteek

    Newbie

  • Members
  • Pip
  • 9 posts

Posted 06 September 2013 - 04:59 AM

Here's a step-by-step of how I've setup an AirVPN OpenVPN connection on a Synology DS211j running DSM 4.2-3202:

  1. Generate the configuration and cert/key files on the AirVPN web site:

  • Choose your Operating System: select Linux (see ChooseOS.jpg attachment)

  • Pick a server

  • Under Connection Modes: select Advanced Mode, select Direct, protocol UDP, port 53 and select Separate keys/certs from .ovpn file (see ConnectionModes.jpg)

  • Accept both then click on Generate

  • Click on ZIP to download a ZIP archive containing all files (see DownloadFiles.jpg); unzip the contents to a work folder; the archive should contain the following files:

    • AirVPN_XXXXX_UDP-53.ovpn; XXXXX reflects the server selected above

    • ca.crt

    • user.crt

    • user.key

  1. Create an OpenVPN connection in the Synology diskstation's VPN control panel (see VPN.jpg):

  • use anything for the IP, user and password as they will be changed/removed manually below anyways

  • import the ca.crt certificate you extracted into the work folder above (see VPNGeneral.jpg)

  • set advanced settings as desired

  • apply changes

  • as a result the following files will get created in the /usr/syno/etc/synovpnclient/openvpn folder on the diskstation (see Files.jpg):

    • ca_oXXXXXXXX.crt
    • client_oXXXXXXXX

    • ovpn_oXXXXXXXX.conf, where XXXXXXXX is a number assigned automatically when the OpenVPN connection is saved (probably an Id for the connection)

  1. Modify the Synology configuration file created above:

  • telnet into the Synology diskstation using a telnet/ssh app such as Putty, login as root, which should have the same password as the admin user
  • change directory to the openvpn folder using this command:

cd /usr/syno/etc/synovpnclient/openvpn

 

  • use a command like below to copy the client_oXXXXXXXX described above to a diskstation shared folder to be able to open and change it with a text editor:

cp client_oXXXXXXXX /volume1/SharedFolder/

where you substitute your specific numbers for XXXXXXXX and your specific volume and folder name for /volume1/SharedFolder

  • open the file you copied to the shared folder with your favourite text editor (e.g. Notepad or Notepad++) and make the following changes to merge the configuration file generated and downloaded from the AirVPN web site into it:
  • remove all the lines from the client_oXXXXXXXX file except the 3 below:

float

reneg-sec 0

plugin /lib/openvpn/openvpn-down-root.so /etc/ppp/ip-down

  • then insert all lines from the AirVPN_XXXXX_UDP-53.ovpn into the file and save it
  • optionally, if you wish to have a client connection log file for debugging/troubleshooting purposes, you can also include a line like this (with your own folder and file name):

log-append /volume1/SharedFolder/AirVPN.log

  • at this point the file should look something like this:

# --------------------------------------------------------
# Air VPN | https://airvpn.org | Wednesday 4th of September 2013 12:07:47 AM
# OpenVPN Client Configuration
# AirVPN_Server_UDP-53
# --------------------------------------------------------

client
dev tun
proto udp
remote some.server.address.here 53
resolv-retry infinite
nobind
ns-cert-type server
cipher AES-256-CBC
comp-lzo
verb 3
explicit-exit-notify 5
ca ca_oXXXXXXXX.crt
cert user.crt
key user.key
script-security 2
redirect-gateway
float
reneg-sec 0
plugin /lib/openvpn/openvpn-down-root.so /etc/ppp/ip-down


with the proper values for the server and numeric connection id instead of the placeholders "some.server.address.here" and "XXXXXXXX" I've included above

  • in the telnet app, while continuing to be positioned in the /usr/syno/etc/synovpnclient/openvpn folder, copy the modified client_oXXXXXXXX file back to that folder using a command like:

cp /volume1/SharedFolder/client_oXXXXXXXX .

  • using similar commands, also copy the user.crt and user.key files over to the /usr/syno/etc/synovpnclient/openvpn folder:

 

cp /volume1/SharedFolder/user.crt .

cp /volume1/SharedFolder/user.key .

  • done

 

NOTES:

  • any VPN configuration changes made and saved through the Synology VPN control panel will result in the client_oXXXXXXXX file being overwritten and reset to its original state before the manual edits described above, which basically renders the configuration unusable with AirVPN; if this happens the file should be restored from a previously saved backup using a cp (copy) command like the ones above; so when you get the configuration working, create a backup of the client_XXXXXXXX file somewhere safe;
  • multiple entries for different AirVPN servers can be created by downloading the configuration and key files for each server from the web site and re-doing the above steps for each entry; the proper ca.crt certificate file should be used for each entry; I believe the user.crt and user.key are the same for all servers as they are user-specific rather than server-specific and therefore they can be reused for all connections (they don't need to be copied over to the usr/syno/etc/synovpnclient/openvpn folder multiple times - last step above, before "done").

Attached Thumbnails

  • ChooseOS.jpg
  • ConnectionModes.jpg
  • DownloadFiles.jpg
  • VPN.jpg
  • VPNGeneral.jpg
  • Files.jpg


#15 SeriousDuke

SeriousDuke

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 10 September 2013 - 08:28 PM

@phantasteek

 

Hey man, thanks a lot!

Managed to get my Synology (also DS211j) with DSM 4.3-3776 connected to AirVPN thanks to your guidelines.

This was even the first time I ever used telnet in my life (but it turns out to be similar to DOS).

 

I did need to repeat the filename at the end op the cp command though or it wouldn't work:

cp client_oXXXXXXXX /volume1/SharedFolder/client_oXXXXXXXX

 

There were a few lines in the client_o file that were somewhat different from yours:

Some lines with " ":

ca "ca_oXXXXXXXXXX.crt"
cert "user.crt"
key "user.key"
And my last line looked like: plugin /lib/openvpn/openvpn-down-root.so /usr/syno/etc.defaults/synovpnclient/scripts/ip-down
 
But it worked! Used telnet to verify my connection with traceroute and everything ok.
 
So Synology owners: give it a try. First I was a bit put off when I saw the technical explanation, but just follow phantasteek's steps and you'll be fine.


#16 phantasteek

phantasteek

    Newbie

  • Members
  • Pip
  • 9 posts

Posted 10 September 2013 - 10:35 PM

@phantasteek

 

Hey man, thanks a lot!

Managed to get my Synology (also DS211j) with DSM 4.3-3776 connected to AirVPN thanks to your guidelines.

This was even the first time I ever used telnet in my life (but it turns out to be similar to DOS).

 

I did need to repeat the filename at the end op the cp command though or it wouldn't work:

cp client_oXXXXXXXX /volume1/SharedFolder/client_oXXXXXXXX

 

There were a few lines in the client_o file that were somewhat different from yours:

Some lines with " ":

ca "ca_oXXXXXXXXXX.crt"
cert "user.crt"
key "user.key"
And my last line looked like: plugin /lib/openvpn/openvpn-down-root.so /usr/syno/etc.defaults/synovpnclient/scripts/ip-down
 
But it worked! Used telnet to verify my connection with traceroute and everything ok.
 
So Synology owners: give it a try. First I was a bit put off when I saw the technical explanation, but just follow phantasteek's steps and you'll be fine.

 

Hey SeriousDuke. Glad I could help.

Ya, the quotes were in my file, too, but I removed them to simplify things, and since the file names did not contain any spaces that was ok.

I'm guessing the plugin line is different due to the different (newer) version of DSM that you have.

 

Thanks.



#17 2df46c2fb3

2df46c2fb3

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 20 September 2013 - 07:53 PM

@phantasteek

 

Thanks very much for your guide. Just tried it and everything is fine, except for that fact that I'm getting "Permission denied" errors when trying to copy the client_xxxxxxx, user.crt and user.key files.

I'm logged in as Admin via Putty, si I should have all rights.

 

Any tips?

eally appreciate it, thanks!



#18 phantasteek

phantasteek

    Newbie

  • Members
  • Pip
  • 9 posts

Posted 16 October 2013 - 04:03 AM

@phantasteek
 
Thanks very much for your guide. Just tried it and everything is fine, except for that fact that I'm getting "Permission denied" errors when trying to copy the client_xxxxxxx, user.crt and user.key files.
I'm logged in as Admin via Putty, si I should have all rights.
 
Any tips?
eally appreciate it, thanks!



Hi there. You need to login as root (not admin). root should have the same password as admin.

#19 karmalized

karmalized

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 02 November 2013 - 01:32 AM

Hello All,

 

 I have tried following these guidelines to get my DS212j setup using DSM 4.3 but I am not able to connect. I am wondering if anyone can see anything wrong with my config file:

 

# --------------------------------------------------------
# Air VPN | https://airvpn.org | Friday 1st of November 2013 02:15:05 AM
# OpenVPN Client Configuration
# AirVPN_CA-Lesath_UDP-53
# --------------------------------------------------------
 
client
dev tun
proto udp
remote 184.75.221.2 53
resolv-retry infinite
nobind
ns-cert-type server
cipher AES-256-CBC
comp-lzo
verb 3
explicit-exit-notify 5
ca “ca_o1383270549.crt”
cert "user.crt"
key "user.key”
script-security 2
float
reneg-sec 0
plugin /lib/openvpn/openvpn-down-root.so /usr/syno/etc.defaults/synovpnclient/scripts/ip-down
log-append /volume1/Jay/AirVPN.log
 
 
Here is my file list from the NAS server:
 
JaysServer> pwd

/usr/syno/etc/synovpnclient/openvpn

JaysServer> ls -al

drwxr-xr-x    2 root     root          4096 Nov  1 21:21 .

drwxr-xr-x    7 root     root          4096 Oct 29 20:55 ..

-rw-r--r--    1 root     root          1562 Oct 31 22:35 ca.crt

-rwxr-xr-x    1 root     root          1562 Oct 31 22:42 ca_o1383270549.crt

-rw-r--r--    1 root     root           648 Nov  1 21:23 client_o1383270549

-rw-------    1 root     root           439 Nov  1 21:13 ovpn_o1383270549.conf

-rw-r--r--    1 root     root          5126 Oct 31 22:35 user.crt

-rw-r--r--    1 root     root          1675 Nov  1 21:21 user.key



#20 Staff

Staff

    Advanced Member

  • Staff
  • PipPipPip
  • 7789 posts

Posted 02 November 2013 - 04:26 AM

Hello!

 

Please try to add the directive log-append to generate a log file which can be very useful for troubleshooting (feel free to send the logs).

 

Kind regards







Similar Topics Collapse

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Servers online. Online Sessions: 15511 - BW: 65077 Mbit/sYour IP: 34.226.208.185Guest Access.