Setup Synology OpenVPN Server (easy, secure, remote access)

Introduction

In this tutorial, we will walk through the steps to set up an OpenVPN server on your Synology NAS. This setup provides secure remote access to your local network, allowing you to access your Synology NAS and other devices from anywhere in the world through a VPN tunnel.

Step 1: Understand VPN vs VPN Server

• VPN (Virtual Private Network): A service that allows you to connect to the internet securely and privately by encrypting your data.
• VPN Server: A server that accepts VPN connections and allows users to securely access a private network. Setting up your own VPN server gives you control over your data and connection.

Step 2: OpenVPN Setup

1. Access your Synology NAS:

   • Open your web browser and log in to the Synology DiskStation Manager (DSM).

2. Install VPN Server Package:

   • Navigate to Package Center.
   • Search for VPN Server and install it.

3. Configure OpenVPN:

   • Open the VPN Server application.
   • Select OpenVPN from the menu.
   • Check the box to enable OpenVPN.
   • Configure the following settings:
     • Dynamic IP address range: Specify the IP range for connected clients.
     • Encryption: Choose encryption options according to your needs.

4. Export the Configuration File:

   • Click on the Export Configuration button to download the OpenVPN configuration file. This file will be needed for the client setup.

Step 3: Open Port on Firewall

• Ensure that your Synology NAS firewall allows traffic on the OpenVPN port (default is 1194).
• Go to Control Panel > Security > Firewall.
• Create a new rule to allow traffic on UDP port 1194.

Step 4: Port Forwarding on Your Router

1. Access your router's settings:

   • Open your web browser and enter your router's IP address.
   • Log in with your credentials.

2. Find Port Forwarding settings:

   • Look for the Port Forwarding or NAT section in your router settings.

3. Add a new port forwarding rule:

   • Forward UDP port 1194 to the IP address of your Synology NAS.

Step 5: Enable DDNS

1. Go to Control Panel:

   • Open Control Panel on your Synology NAS.

2. Select External Access:

   • Navigate to DDNS.

3. Set up DDNS:

   • Choose a DDNS service provider and create a hostname.
   • Enter your DDNS credentials and save the settings.

Step 6: Export and Edit VPN Configuration

• Open the downloaded OpenVPN configuration file using a text editor.
• Update the following lines:
  • Change the remote line to your DDNS hostname instead of the IP address.
  • Save the changes to the configuration file.

Step 7: OpenVPN Connect

1. Download OpenVPN Client:

   • Download the OpenVPN client for your operating system from OpenVPN's official website.

2. Import Configuration:

   • Open the OpenVPN client and import the edited configuration file.

3. Connect to OpenVPN:

   • Launch the OpenVPN client and connect using the imported configuration.

Step 8: Accessing Files from Anywhere Using SMB

• Use the SMB protocol to access your Synology NAS files securely over the VPN connection.
• Connect to your NAS using the local IP address or hostname specified in your configuration.

Step 9: Additional Configuration Options

• Explore further settings in the VPN Server to enhance security and customize your VPN experience.
• Consider enabling two-factor authentication for added security.

Conclusion

Setting up an OpenVPN server on your Synology NAS provides a secure way to access your network from anywhere. By following these steps, you can ensure that your data remains protected while you enjoy remote access. For further enhancements, explore additional configuration options or consult the Synology forums for community support.