- #Synology vpn plus 443 diskstation how to
- #Synology vpn plus 443 diskstation for mac
- #Synology vpn plus 443 diskstation mac os
iOS is explained on this page (only in german but with screenshots).
#Synology vpn plus 443 diskstation for mac
Therefore this is again a little biased 🙂 The installation of the clients for Mac and Windows is explained on Synology’s page. #plugin /var/packages/VPNCenter/target/lib/radiusplugin.so /var/packages/VPNCenter/target/etc/openvpn/radiusplugin.cnf #you can enable this line temporary to view log with "tail -f -n 100 /var/log/openvpn.log": #key /var/packages/VPNCenter/target/etc/openvpn/keys/server.key #cert /var/packages/VPNCenter/target/etc/openvpn/keys/server.crt Connect via SSH to your DiskStationĭisable user authentication on the DiskStation and enable the certificate based authentication (code taken from this wiki) in this file: /usr/syno/etc/packages/VPNCenter/openvpn/nf #ca /var/packages/VPNCenter/target/etc/openvpn/keys/ca.crt For more details see Synology’s instructions. Configure the VPN ServerĮnable OpenVPN from the Settings of the VPN Server. Its configuration is done from the start menu. Install the VPN Server from Synology’s Package Center. If you take a look at the certificate tab of the DiskStation’s security setting, you will see that your new server certificate is active. After a reload and the instructions from step 4, this warning should go away.
Eventually you’ve been warned by your browser about a security issue (you did not trusted your root CA, therefore the web page was untrusted). Reload the web interface of your DiskStationĪfter you’ve set the certificate, the web interface should have been reloaded.
#Synology vpn plus 443 diskstation mac os
I’m using Mac OS where I can easily add the root CA certificate as an always trusted certificate. The next step depends on your computers OS. Only with this additional certifacte the trust chain is complete. This is the certificate of your self signed root CA. However, the intermediate certificate is the tricky part I forgot. The Private Key and Certificate fields are straight forward. You can define and upload a certificate there: There’s a nice new Security setting in the system settings. Configure the DiskStation to use the server certificate Be aware to use the assigned DNS name, otherwise your browser will complain when you try to connect to the web interface of the DiskStation. Create a certificate for your DiskStationĬreate a new Certificate for your DiskStation. A useful tool is XCA but you can also do this from the terminal.
#Synology vpn plus 443 diskstation how to
That’s why I’m showing you today how to configure the official Synology VPN server to use OpenVPN with client certificates instead of username/password.įirst of all you need your own self-signed root CA. The holidays are near and I want to have access to my files on my Synology NAS, while I’m visiting my family.
0 kommentar(er)
