Install the app
How to install the app on iOS

Follow along with the video below to see how to install our site as a web app on your home screen.

Note: This feature may not be available in some browsers.

Solved OpenVPN Server not working properly after DSM Update

As an Amazon Associate, we may earn commissions from qualifying purchases. Learn more...

Ok. Same device (mobile phone?), put it on airplane mode and enable WiFi.
This way we take the router out of the picture and we’re on the LAN.
Connect to the VPN service. Can you ping?

Okay, Yes still same device. So airplane on and WIFI enable a get connected to the VPN Server I see my device with the assigned IP, but when I ping 192.168.5.1 it is lost again no connection
 
I'm going try something else. I'm going to install OpenVPN-as in my docker and see if I can connect
 
Ok. Anyway, the test makes no sense in the context of a VPN connection since traffic is tunneled anyway. But we’re throwing things at the wall now :)

Can you go to security and check if there’s anything under Account in the allow/block list.

You better make it work, I’m running out of ideas :)
 
A bit late to ask this, but I’m sure you’ve tried restarting the whole NAS right? :D

Yes, I've restarted the NAS;)
Also nothing in the allow/blocklist

We're definitely hitting a wall here:)
I'm going to try the openvpn-as docker version see how I goes
 
After the changes we tried, did you export the configuration to the client and tried, or did you try with the old configuration?

:unsure: I used the old config files, but I think It shouldn't make a difference..?
 
Not sure. maybe you can try exporting as a final check.

Okay,
So I have exported a new config file and tried that one...OMG Guess what I could ping the VPN IP 192.168.5.1
Then I tried to ping my NAS IP 192.168.178.110 that failed. So next I tried my VDSM IP 192.168.178.115 and I could ping that one as well.
Then I tried to connect with DS File app with my:
- sub.domainname.com (which failed)
- IP NAS 192.168.178.110 (failed)
- IP 192.168.5.1 (connected could login)

So I guess the new config file did the trick!
Now I have to figure out how to connect/login again with my domain, because that was how it was before
For now thanks for your help! :)
 
Everything is working again as it was before:love:

This is how I manage to login with my domain-name

I’ve been using the default DNS Server for years so the setup was relatively easy for me.
This can only be done if you already have the DNS Server running otherwise you need to setup DNS Server first.

A simple walk through


1. create a view call and it e.g. LAN
2. Limit source IP service with your NAS IP range (e.g. 192.168.1.0/255.255.255.0)
3. Tab Select Zone, select your Zone ID (the first master zone you already have)
4. Go back to Zone and create a new master zone for your domain, but this time with the IP range of the VPN e.g. (10.8.0.1)
5. Then go back to Views and create a second view e.g. VPN
6. Tab Select Zone, select your Zone ID (the second master zone you just created)
7. Limit source IP service with your NAS IP range (e.g. 10.8.0.1/255.255.255.0)
8. Next you need to add the IP of your VPN Server to the config file (see example)

Code:
dev tun
tls-client

<your_remote_server> 1194


# The "float" tells OpenVPN to accept authenticated packets from any address,
# not only the address which was specified in the --remote option.
# This is useful when you are connecting to a peer which holds a dynamic address
# such as a dial-in user or DHCP client.
# (Please refer to the manual of OpenVPN for more information.)

#float

# If redirect-gateway is enabled, the client will redirect it's
# default network gateway through the VPN.
# It means the VPN connection will firstly connect to the VPN Server
# and then to the internet.
# (Please refer to the manual of OpenVPN for more information.)

redirect-gateway def1

# dhcp-option DNS: To set primary domain name server address.
# Repeat this option to set secondary DNS server addresses.

dhcp-option DOMAIN example.com #<<<==== add here your domain
dhcp-option DNS 10.8.0.1      #<<<==== add here your vpnservers ip

pull

9. import the new config file to your clients and if al goes well you can now login with your domain-name instead of the IP address.

Hope this helps
 
Excellent. I’m glad all is back to the way you want it and thank you for sharing.
But any idea what went wrong in the first place?!

@JME81, take note of this. That’s why I said, there is a way with OpenVPN, although I’ve never tried it. You might want to consider the above.
 
Excellent. I’m glad all is back to the way you want it and thank you for sharing.
But any idea what went wrong in the first place?!

@JME81, take note of this. That’s why I said, there is a way with OpenVPN, although I’ve never tried it. You might want to consider the above.

First of all Thanks for helping! But no I cannot pinpoint what the problem was and what caused it.
But lesson learned write everything down when changing settings and then test everything again ;) :D
 
You’re welcome. I don’t think I’ve contributed anything useful :)

But now we know where to go when we have an OpenVPN problem, especially that you’ve everything written down now ;)

I will reference your domain configuration instructions in the OpenVPN resource by linking to your message above. I hope that’s ok.
 
You’re welcome. I don’t think I’ve contributed anything useful :)

But now we know where to go when we have an OpenVPN problem, especially that you’ve everything written down now ;)

I will reference your domain configuration instructions in the OpenVPN resource by linking to your message above. I hope that’s ok.
Sure no problem..
 
Last edited:
Are you guys sure you’ve added a rule in the DSM firewall that allows the vpn subnet to get to NAS?

My openvpn clients come in on the 10.x.x.x subnet, and then I added an 'Allow' firewall rule under vpn network connection for all ports/services to the NAS.

Capture.webp
 
Are you guys sure you’ve added a rule in the DSM firewall that allows the vpn subnet to get to NAS?

My openvpn clients come in on the 10.x.x.x subnet, and then I added an 'Allow' firewall rule under vpn network connection for all ports/services to the NAS.

View attachment 706
Thanks m8 for your suggestions, but the problem was reported as solved already. Just forgot to mark it as solved ;)
 
Are you guys sure you’ve added a rule in the DSM firewall that allows the vpn subnet to get to NAS?

My openvpn clients come in on the 10.x.x.x subnet, and then I added an 'Allow' firewall rule under vpn network connection for all ports/services to the NAS.

View attachment 706
[automerge]1634214296[/automerge]
Just made an account to thank you for that! I was searching for god knows how long and the fix for me was as simple as that! Thank you! Problem solved, life goes on, Halleluijah!
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Popular tags from this forum

Similar threads

It seems that it is not compatible with DSM (at least for the moment). I have tested it on a 920S+ and it...
Replies
1
Views
835
No, but next time I go to my friends place I'll bring my config file and put it on her system and try it...
Replies
36
Views
1,186

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending content in this forum

Back
Top