VPN Plus Server Adding subnets on server side

Currently reading
VPN Plus Server Adding subnets on server side

2
0
NAS
DS1815+, DS415+
Router
  1. RT2600ac
Operating system
  1. macOS
  2. Windows
Mobile operating system
  1. iOS
It's a little unclear to me how to permit access to other subnets besides the server LAN subnet via Synology Plus Server. It seems that the Object address pool is what this is for, but I can't seem to make that work.

I have two plants that connect to the corporate headquarters via VPN (on RT2600ac routers). The two plants also have a tunnel between them. All this works just as expected. And, when I connect as a client (via Synology SSL or OpenVPN) to either plant, I have access to the respective LAN. No problem.

All subnets are unique.

However, I'd like to expand that access for the client so that I can access other plants, without having to connect directly to their subnet. How do I get the VPN server to advertise the desired subnets or IPs?
I've tried adding the subnets to Synology Objects. Not working. Or, am I not understanding its use? Is there documentation on this?
When connected to plant 1 on OpenVPN, I can't, for example, add push "route 192.168.2.0 255.255.255.0" for the server, or can I?

Used to have a Cisco RV320 router that had a OpenVPN server builtin and it allowed me to connect to all subnets on the VPN. But, it was so slow. This Synology Router is a massive improvement in speed.

Any assistance would be helpful. Thanks!
 
You haven't mentioned which protocol you are using when connecting a client to your VPN. If you are using OpenVPN, then you are out of luck.

For example: Synology's OpenVPN server implementation only supports a TUN interface. This means it's un-routable and it's clients end up on a different subnet unknown to the other routers.

Synology's VPN PLUS SSL VPN:
1601395807369.png


As you can see here it does have the option to place VPN clients into the same subnet of the LAN, and thus is also routable and can also connect to sources in your other S2S connected networks.

I use this same solution.

PS: But if I had the money I'd go for Ubiquiti networks because Synology routers sucks when it comes to routing...
 
Thanks, Shadow, for your input.
Didn't realize the Client IP range works that way. Thanks.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Hi All, We use an Amazon Fire Stick on our TV (which is old and doesn't have any apps built-in. Will be...
Replies
0
Views
537

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top