{"id":2259,"date":"2021-05-09T18:20:34","date_gmt":"2021-05-09T22:20:34","guid":{"rendered":"http:\/\/matthannan.net\/blog\/?p=2259"},"modified":"2021-05-09T18:28:01","modified_gmt":"2021-05-09T22:28:01","slug":"synology-nas-vpn-server","status":"publish","type":"post","link":"https:\/\/matthannan.net\/blog\/synology-nas-vpn-server\/","title":{"rendered":"Synology NAS VPN Server"},"content":{"rendered":"\n<p>It has been a long while since I wrote about VPN servers. This is because of the change of job, and then working from home for over a year because of COVID-19. But I have kept playing with the technology over the years. The old <a href=\"https:\/\/www.softether.org\/\" target=\"_blank\" rel=\"noreferrer noopener\">SoftEther VPN<\/a> is long gone. I am messing about with <a href=\"https:\/\/openvpn.net\/\" target=\"_blank\" rel=\"noreferrer noopener\">OpenVPN<\/a> now, but I have <a href=\"https:\/\/kcore.org\/2019\/12\/29\/wireguard-on-synology-diskstation\/\" target=\"_blank\" rel=\"noreferrer noopener\">my sights<\/a> on <a href=\"https:\/\/www.wireguard.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Wireguard<\/a>.<\/p>\n\n\n\n<p>Today is Mother&#8217;s Day. I woke up with a pounding headache and some issues going on down below, so Jenny took the kid and they amscrayed off to her mother&#8217;s for the afternoon. After getting the Unifi Controller working on the Synology NAS, I looked at getting the syslog server working on it, but after an hour or so, I am convinced there is a bug. I then finally addressed and got the Let&#8217;s Encrypt SSL certificate situation sorted, which is super good news. Thank you, SpaceRex! I&#8217;ve given up on trying to tie the NAS to my matthannan.net domain and just went with the Synology DDNS name.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/AqakuZfPuQo?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\"><\/iframe><\/span>\n<\/div><\/figure>\n\n\n\n<p>With the SSL cert working, I then started looking at why the OpenVPN server stopped working. I finally figured it out that when I changed from the single NIC to the dual-link setup, this is what broke it. As you can see below, it needs to be bond1. I found it set to eth0.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2021\/05\/image-2.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"349\" data-attachment-id=\"2260\" data-permalink=\"https:\/\/matthannan.net\/blog\/synology-nas-vpn-server\/image-2-4\/\" data-orig-file=\"https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2021\/05\/image-2.png?fit=695%2C379&amp;ssl=1\" data-orig-size=\"695,379\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"image-2\" data-image-description=\"\" data-image-caption=\"\" data-large-file=\"https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2021\/05\/image-2.png?fit=640%2C349&amp;ssl=1\" src=\"https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2021\/05\/image-2.png?resize=640%2C349&#038;ssl=1\" alt=\"\" class=\"wp-image-2260\" srcset=\"https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2021\/05\/image-2.png?w=695&amp;ssl=1 695w, https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2021\/05\/image-2.png?resize=300%2C164&amp;ssl=1 300w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/figure>\n\n\n\n<p>Then there was a little fiddling with the firewall on the NAS, and making sure that the right holes were punched in the router&#8217;s firewall, too. Again, my pal SpaceRex helped me with that.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/1aaqqw3eQac?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;start=432&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\"><\/iframe><\/span>\n<\/div><\/figure>\n\n\n\n<p>His explanation here on punching holes in the router is aces. Synology really worked some kind of magic on this process. My router does not do SNMP and I never provided it with the password, so I am really amazed and scared at how they are pulling off this stunt.<\/p>\n\n\n\n<p>But now the iPhone is connected back to the OpenVPN server, which is great. After an hour&#8217;s nap, I am feeling a bit better in head and gut. It has been a decent day of geeking. Now I am relaxing with a little Martin Zero.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/Oqx2zFWNmns?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\"><\/iframe><\/span>\n<\/div><\/figure>\n\n\n\n<p>It is just not a Sunday without seeing this guy walk around in strange underground places.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>It has been a long while since I wrote about VPN servers. This is because of the change of job, and then working from home for over a year because of COVID-19. But I have kept playing with the technology &hellip; <a href=\"https:\/\/matthannan.net\/blog\/synology-nas-vpn-server\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[5,9],"tags":[94,214,98,587,566,282,589,279,588,573],"class_list":["post-2259","post","type-post","status-publish","format-standard","hentry","category-geek","category-life","tag-calin","tag-geeking","tag-jenny","tag-mothers-day","tag-nas","tag-openvpn","tag-pig-latin","tag-softether","tag-spacerex","tag-synology"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p2NxlE-Ar","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":1181,"url":"https:\/\/matthannan.net\/blog\/softether-vpn-and-the-raspberry-pi\/","url_meta":{"origin":2259,"position":0},"title":"SoftEther VPN and the Raspberry Pi","author":"matthannan","date":"16 October 2017","format":false,"excerpt":"I finally bit the bullet and migrated the SoftEther VPN server to the Raspberry Pi. The holdup was the public hostname that the remote client looks for. This hostname seems to be one of the reasons that this solution works for my particular case at all. Maybe not the hostname,\u2026","rel":"","context":"In &quot;Geek&quot;","block_context":{"text":"Geek","link":"https:\/\/matthannan.net\/blog\/category\/geek\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2017\/10\/6711193758.png?fit=350%2C200&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":976,"url":"https:\/\/matthannan.net\/blog\/victory-is-compromise\/","url_meta":{"origin":2259,"position":1},"title":"Victory is&#8230;compromise","author":"matthannan","date":"30 December 2016","format":false,"excerpt":"Before I left work yesterday, I started the process to nuke the hard drive in my AT&T laptop. With the holiday looming, I wanted to get it in the mail back to my soon to be former boss ASAP. This also left me with finally landing my personal laptop on\u2026","rel":"","context":"In &quot;Geek&quot;","block_context":{"text":"Geek","link":"https:\/\/matthannan.net\/blog\/category\/geek\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":922,"url":"https:\/\/matthannan.net\/blog\/openvpn-for-windows\/","url_meta":{"origin":2259,"position":2},"title":"OpenVPN&#8230;for Windows","author":"matthannan","date":"17 December 2016","format":false,"excerpt":"So, like most times I post to the Internet that I am having an issue with something, the answer becomes immediately available. This time, I said that OpenVPN seemed to be Linux-only. Well, it turns out that this is not so much the case. While reading an article comparing SoftEther\u2026","rel":"","context":"In &quot;Geek&quot;","block_context":{"text":"Geek","link":"https:\/\/matthannan.net\/blog\/category\/geek\/"},"img":{"alt_text":"OpenVPN","src":"https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2016\/12\/openvpn-300x173.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":908,"url":"https:\/\/matthannan.net\/blog\/softether-vpn\/","url_meta":{"origin":2259,"position":3},"title":"SoftEther VPN","author":"matthannan","date":"16 December 2016","format":false,"excerpt":"So, long story short, I will no longer be an AT&T employee as of Dec 31. On Jan 1, I begin the next chapter in my career, working for a small company based out of North Carolina. They usually are a contractor shop, but due to the nature of the\u2026","rel":"","context":"In &quot;Geek&quot;","block_context":{"text":"Geek","link":"https:\/\/matthannan.net\/blog\/category\/geek\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1129,"url":"https:\/\/matthannan.net\/blog\/softether-vpn-part-2\/","url_meta":{"origin":2259,"position":4},"title":"SoftEther VPN, Part 2","author":"matthannan","date":"12 July 2017","format":false,"excerpt":"So, SoftEther VPN has been cranking along nicely for me for months now. I really love it. It stays out of the way and does exactly what it is supposed to do. I just bought a Raspberry Pi 3 Model B. I did this for a couple of reasons. The\u2026","rel":"","context":"In &quot;Life&quot;","block_context":{"text":"Life","link":"https:\/\/matthannan.net\/blog\/category\/life\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":914,"url":"https:\/\/matthannan.net\/blog\/softether-vpn-follow-up\/","url_meta":{"origin":2259,"position":5},"title":"SoftEther VPN, follow-up","author":"matthannan","date":"17 December 2016","format":false,"excerpt":"I am writing at work on my laptop which is connected via WiFi to the guest network. This guest network dumps you straight out to the Internet, but subjects you to internal proxy rules. No Social Web anything. And, quite honestly, screw these guys and their data collections. I am\u2026","rel":"","context":"In &quot;Geek&quot;","block_context":{"text":"Geek","link":"https:\/\/matthannan.net\/blog\/category\/geek\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2016\/12\/extendedLAN.png?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2016\/12\/extendedLAN.png?resize=350%2C200 1x, https:\/\/i0.wp.com\/matthannan.net\/blog\/wp-content\/uploads\/2016\/12\/extendedLAN.png?resize=525%2C300 1.5x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/posts\/2259","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/comments?post=2259"}],"version-history":[{"count":3,"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/posts\/2259\/revisions"}],"predecessor-version":[{"id":2263,"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/posts\/2259\/revisions\/2263"}],"wp:attachment":[{"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/media?parent=2259"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/categories?post=2259"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/matthannan.net\/blog\/wp-json\/wp\/v2\/tags?post=2259"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}