Connect to SSL VPN from DiskStation?

Currently reading
Connect to SSL VPN from DiskStation?

144
32
jonohunt.design
NAS
DS1621+, DS1019+, DS218+
Operating system
  1. Linux
  2. macOS
  3. other
Mobile operating system
  1. iOS
Another VPN question 😊

I recently setup VPN Plus on a RT2600ac router, enabling OpenVPN and Synology's SSL VPN protocols.

I can connect to home via SSL VPN from different computers, iPhones etc. but can't see how to connect a Synology in a different location (for remote backups) to the VPN using SSL VPN.

I've connected that NAS to my home via OpenVPN, but wondering if it's not possible via Synology's SSL VPN?
 

fredbert

Moderator
NAS Support
Subscriber
3,589
1,431
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
I don't think DSM has a built-in SSL-VPN client, like it has for OpenVPN etc.

SSL-VPN remote access was originally, IIRC, aimed at enabling clientless secure access, meaning: providing there is access to a web browser then there is no need to install VPN clients or configure built-in support. It also has the benefit to add a web portal to access internal services.

Of course there's no reason why SSL-VPN can't be used for site-to-site VPN but Synology will need to add the client to DSM's Network Interface control panel.
 
144
32
jonohunt.design
NAS
DS1621+, DS1019+, DS218+
Operating system
  1. Linux
  2. macOS
  3. other
Mobile operating system
  1. iOS
Right, thanks for clarifying that.

I did notice that if I connect to the SSL VPN on my phone using the VPN Plus app I can access the remote NAS that's connected via OpenVPN, so it's pretty cool that VPN Plus Server on the RT2600ac handles the traffic over the 2 different protocols.

I think I'll leave it as it is for now with both running at the same time.
 

fredbert

Moderator
NAS Support
Subscriber
3,589
1,431
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Last edited:
I have the different, more secure, VPN services running in case there is a problem accessing one type from wherever I happen to be.

Regarding SRM site-to-site, it still only supports the same set of VPN technologies than DSM does, i.e. not SSL-VPN. In theory a DSM NAS can be setup as a perimeter device which is probably how we have got SRM. The site-to-site or client-to-site VPN difference is just a matter of LAN(s) access and routing.

I've never played with DSM making VPN client connections, say to another DSM NAS. I assume you need to ensure that the server side doesn't enforce LAN isolation on the client, if it's serving LAN devices.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Ok I thought that port 443 was necessary in order to access the Syno via mac Finder. In this case I close...
Replies
29
Views
2,820
do you have MS-CHAP v2 enabled as the authentication method on the client side?
Replies
20
Views
6,728
  • Question
That is correct. I can continue to connect to devices on my LAN. But opening a website for example just...
Replies
2
Views
399
  • Solved
I hope you figured out the fit solution for VPN by now. Nevertheless it is nice to come across someone...
Replies
10
Views
1,268
all the logs are in /var/log folder (and subfolders). try and ssh into your nas and locate it there
Replies
1
Views
1,062
Replies
11
Views
1,248
  • Question
It's not that core VPN client/server principles are fundamentally different, rather it's how the person...
Replies
7
Views
1,035

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Top