Solved OpenVPN Server not working properly after DSM Update

Currently reading
Solved OpenVPN Server not working properly after DSM Update

Ok. Same device (mobile phone?), put it on airplane mode and enable WiFi.
This way we take the router out of the picture and we’re on the LAN.
Connect to the VPN service. Can you ping?

Okay, Yes still same device. So airplane on and WIFI enable a get connected to the VPN Server I see my device with the assigned IP, but when I ping 192.168.5.1 it is lost again no connection
 
Ok. Anyway, the test makes no sense in the context of a VPN connection since traffic is tunneled anyway. But we’re throwing things at the wall now :)

Can you go to security and check if there’s anything under Account in the allow/block list.

You better make it work, I’m running out of ideas :)
 
Not sure. maybe you can try exporting as a final check.

Okay,
So I have exported a new config file and tried that one...OMG Guess what I could ping the VPN IP 192.168.5.1
Then I tried to ping my NAS IP 192.168.178.110 that failed. So next I tried my VDSM IP 192.168.178.115 and I could ping that one as well.
Then I tried to connect with DS File app with my:
- sub.domainname.com (which failed)
- IP NAS 192.168.178.110 (failed)
- IP 192.168.5.1 (connected could login)

So I guess the new config file did the trick!
Now I have to figure out how to connect/login again with my domain, because that was how it was before
For now thanks for your help! :)
 
Everything is working again as it was before:love:

This is how I manage to login with my domain-name

I’ve been using the default DNS Server for years so the setup was relatively easy for me.
This can only be done if you already have the DNS Server running otherwise you need to setup DNS Server first.

A simple walk through


1. create a view call and it e.g. LAN
2. Limit source IP service with your NAS IP range (e.g. 192.168.1.0/255.255.255.0)
3. Tab Select Zone, select your Zone ID (the first master zone you already have)
4. Go back to Zone and create a new master zone for your domain, but this time with the IP range of the VPN e.g. (10.8.0.1)
5. Then go back to Views and create a second view e.g. VPN
6. Tab Select Zone, select your Zone ID (the second master zone you just created)
7. Limit source IP service with your NAS IP range (e.g. 10.8.0.1/255.255.255.0)
8. Next you need to add the IP of your VPN Server to the config file (see example)

Code:
dev tun
tls-client

<your_remote_server> 1194


# The "float" tells OpenVPN to accept authenticated packets from any address,
# not only the address which was specified in the --remote option.
# This is useful when you are connecting to a peer which holds a dynamic address
# such as a dial-in user or DHCP client.
# (Please refer to the manual of OpenVPN for more information.)

#float

# If redirect-gateway is enabled, the client will redirect it's
# default network gateway through the VPN.
# It means the VPN connection will firstly connect to the VPN Server
# and then to the internet.
# (Please refer to the manual of OpenVPN for more information.)

redirect-gateway def1

# dhcp-option DNS: To set primary domain name server address.
# Repeat this option to set secondary DNS server addresses.

dhcp-option DOMAIN example.com #<<<==== add here your domain
dhcp-option DNS 10.8.0.1      #<<<==== add here your vpnservers ip

pull

9. import the new config file to your clients and if al goes well you can now login with your domain-name instead of the IP address.

Hope this helps
 
Excellent. I’m glad all is back to the way you want it and thank you for sharing.
But any idea what went wrong in the first place?!

@JME81, take note of this. That’s why I said, there is a way with OpenVPN, although I’ve never tried it. You might want to consider the above.

First of all Thanks for helping! But no I cannot pinpoint what the problem was and what caused it.
But lesson learned write everything down when changing settings and then test everything again ;) :D
 
You’re welcome. I don’t think I’ve contributed anything useful :)

But now we know where to go when we have an OpenVPN problem, especially that you’ve everything written down now ;)

I will reference your domain configuration instructions in the OpenVPN resource by linking to your message above. I hope that’s ok.
 
You’re welcome. I don’t think I’ve contributed anything useful :)

But now we know where to go when we have an OpenVPN problem, especially that you’ve everything written down now ;)

I will reference your domain configuration instructions in the OpenVPN resource by linking to your message above. I hope that’s ok.
Sure no problem..
 
Last edited:
Are you guys sure you’ve added a rule in the DSM firewall that allows the vpn subnet to get to NAS?

My openvpn clients come in on the 10.x.x.x subnet, and then I added an 'Allow' firewall rule under vpn network connection for all ports/services to the NAS.

Capture.PNG
 
Are you guys sure you’ve added a rule in the DSM firewall that allows the vpn subnet to get to NAS?

My openvpn clients come in on the 10.x.x.x subnet, and then I added an 'Allow' firewall rule under vpn network connection for all ports/services to the NAS.

View attachment 706
Thanks m8 for your suggestions, but the problem was reported as solved already. Just forgot to mark it as solved ;)
 
Are you guys sure you’ve added a rule in the DSM firewall that allows the vpn subnet to get to NAS?

My openvpn clients come in on the 10.x.x.x subnet, and then I added an 'Allow' firewall rule under vpn network connection for all ports/services to the NAS.

View attachment 706
-- post merged: --

Just made an account to thank you for that! I was searching for god knows how long and the fix for me was as simple as that! Thank you! Problem solved, life goes on, Halleluijah!
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

If I use ssh or webdav I connect directly to the IP address that OpenVPN provides. As for Plex, I just...
Replies
2
Views
2,210
So from this, it looks like that VPN works fine while outside your lan. That is the whole point. In this...
Replies
7
Views
3,845
  • Question
Instead of trying hostname, can you do your public IP address? Edit the openvpn config and put your...
Replies
16
Views
3,488
Thanks Fredbert. My (memory!) error. Reinstallation of the certificate got OpenVPN back up and running.
Replies
2
Views
1,728
  • Question
Everything else that I have asked you. This could be a cap at work. Maybe network team is controlling...
Replies
4
Views
920
My apologies to all. Recently had to rebuild my PC and reset my phone. Just deleted everything from...
Replies
10
Views
1,036
I have WireGuard running on my router and can access my local LAN and Synology from outside and browse the...
Replies
0
Views
788

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Back
Top