DSM 7 Can't reach home network through openvpn on android

Currently reading
DSM 7 Can't reach home network through openvpn on android

Hi

I have set up the openvpn server on DSM 7 and I've connected my phone through it with the redirect option uncommented.
The subnet on the vpn is different than the one on the home network, as recommended by the tutorial I followed.

I was expecting that the vpn server would redirect the clients requests to the local network, but I cannot reach for instance the nas config page.
When I connect to the nas config page from the wifi there's no problem loading it.

Can anyone help?

Thanks

Best regards
 
Last edited:
Hi

Thank you for answering.

The firewall is off until I get everything working

I can now reach the config page using the first address, thanks.

But I'd like to reach the rest of the network, I'll have other devices I want to reach. How can I reach them?



.
 
Last edited:
If you are using an external address to access the VPN of your NAS, like a DDNS address, then you also need to forward the UDP port used by the VPN on the router.

To reach the rest of the network, make sure to have the "Allow clients to access server's LAN" option enabled.
 
Thanks Marco

How do I do that?

Capture.JPG


I created a static route but It gets disabled
 
Thanks Marco

How do I do that?

View attachment 4827

I created a static route but It gets disabled

1) Make sure to have the option "Allow clients to access server's LAN" enabled.
2) Check what is your VPN UDP port, on my example is the "5555".
Schermata 2021-11-14 alle 11.23.34.png


3) Go to your router, search for Port Forwarding, and add the rule. On my example I used the 5555 port, and the IP 192.168.2.22 is the local IP of the NAS, change it with the local IP of your NAS.
Schermata 2021-11-14 alle 11.25.19.png
 
The allow clients on the lan is checked.

Capture.JPG


Wouldn't your rule allow access from outside the dmz? I can already connect to the vpn and get an ip on 192.168.10.0/24

I just want access to my main network 192.168.1.0/24 from the network of the vpn 192.168.10.0/24 from my android phone
 
Last edited:
I just want access to my main network 192.168.1.0/24 from the network of the vpn 192.168.10.0/24 from my android phone
On my case, by just enabling the "Allow clients to access server's LAN", I'm able to access local LAN and remote LAN, without further settings. But I connect from a Windows PC. Maybe is necessary to change also an option on the VPN app on your Android.

Which VPN app are you using on Android?

Eventually export again your VPN settings from NAS and import again on your Android app.
Also, check if you have the option "Bypass VPN for local networks" enabled, on your Android VPN app.
 
I'm using openvpn.

I've added to the server.ovpn file: push "route 192.168.1.0 255.255.255.0"

and uncommented: client-to-client

I'm not sure how to restart the vpn server. I've disabled and re-enabled the openvpn configuration

and still nothing

"Bypass VPN for local networks" can't find that option. But why? the destination network comes through the vpn
 
Last edited:
I was curious and I also tried to connect from an iPhone.
It wasn't working (able to connect, but not to access LAN), I tried many things, but nothing.

But now it work!

I removed the VPN configuration on the OpenVPN app on the phone.
I just used the exported ovpn file, changed the YOUR_SERVER_IP with DDNS address.
Renamed the file!
And imported again on the OpenVPN app on the iPhone.

I'm not sure if it was really this, but try to rename the file before importing it.
 
I figured it out after I read your post

The problem wasn't the config, the configuration was fine, the problem was the test

I tried to connect to the nas pages with the lan ip and it doesn't work, but if I access any other site on the lan it works.

Guess it doesn't allow vpn clients to connect that way, the clients can only access through nas vpn ip and not in the lan ip.

Thanks for you help
 
Ehm, me I use the LAN ip addresses of the devices, via VPN. Like when I'm phisically on the remote site.

Is maybe your phone on a wireless network equal to the remote LAN network?
For example:
WIFI: 192.168.1.0
Remote LAN: 192.168.1.0

If yes, you shoud change one network, for example to 192.168.2.0, by reconfiguring all devices.
 
No, I made sure the wifi was disconnected, it was all through mobile data

maybe some other configuration on the nas that has nothing to do with the vpn server?
If you added routes, try to remove them.

I suggest to uninstall VPN Server app from NAS (if asked, remove also the settings), then also uninstall the OpenVPN app on the phone (if asked, remove also the settings).

And then reinstall all. On VPN Server, add Privilege account, enable OpenVPN with "Allow clients to access server's LAN".

Export the configuration, set your address on file, rename the file, and import it on the OpenVPN app, and retry.
 
Hello

Sorry for the long time to update.
I uninstalled the VPN Server and reinstalled.

Same result, I can only access the nas pages through the vpn address, and not the lan address.
But I can access the other addresses on the lan.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top