VPN Problem! PPTP works, Openvpn+L2TP/Ipsec does not. Please help.

[Krusty]

I have a working VPN PPTP connection with the Synology app VPN server, between my hom computer and my office Synology NAS.

I have also successfully created a openvpn connection between the NAS and the openvpn connect client on my home pc. Its running, it gives me green light and I can ping the 10.8.0.1 on the NAS from home but I cant reach the shared folders and I cant reach the plugged in USB printer, which all works perfecctly with PPTP.

I have the right ports open UDP 1194, checked with yougetsignal.com , no active firewall in the NAS I have the right privileges set (same user as over PPTP

I have tried for days to get this to work. I begin to suspect the router which is a Google Wifi router, but I dont know where to begin. Is it the router, is it protocol or encryption?
It connects all fine with openvpn but I cannot reach the resources. But works on PPTP
Any suggestions?

 

[Rusty]

Any suggestions?

1st one would be to stop using pptp. Its just unsafe and best to forget about it.

Regarding openvpn, you mentioned that you have no firewall active on the NAS side and that you can reach your NAS but cant access your folders. What exact method are you using here? Also, what OS are you running on your computer?

 

[Krusty]

Hi and thank for helping.
I have the firewall enabled in the Google Wifi router with port UDP 1194 open.
The only thing I really need is to reach the USB printer that is connected to my office Synology.
At home I have Windows 10 and using the openvpn connect client with the exported certificates and ovpn file from the remote synology. Connecting this all seems fine in the openvpn client. It connects and stays connected. But trying to reach the printer through TCP/IP does not find anything.
Connecting to the exact same printer connected with PPTP works perfectly fine.

The inly thing I can think fo is that the zip that exports from yhe openvpn in the router contains two certificate files and the .ovpn file. In all tutorials they only drag and drop the ovpn file to the windows 10 opnvpn connect client. I have done that too. I havent done anything with the two certificate files.

Is that correct?

 

[fredbert]

What happens if you try to access the NAS using it’s OpenVPN gateway IP address rather than the LAN IP?

 

[Rusty]

Is that correct?

yes should be just fine, and as you can see it works. So the problem here is getting to your printer. If its a USB-connected printer to you nas, how are you getting to that printer? I mean how are you trying to configure it on your Win side?

 

[Krusty]

@fredbert Do you mean the Private IP that is stated in the openvpn connect app when connected? In my case 10.8.0.6 ?

@Rusty WHan Im connected with PPTP I just try to install a printer with my office NAS internal IP address. In this case the Synology NAS har internal ip 192.168.86.34 . If I try to install a TCP/IP printer here at hom with that internal IP my usb printer connected to the office nas shows up and installs just perfect.

-- post merged: 16. Dec 2020 --

I amgeneraly using the cloudflare gateway 1.1.1.1 and secondary 1.0.0.1 on both router and NAS in the office. Would it matter to point the NAS gateway towards the router instead?

 

[fredbert]

You mentioned 10.8.0.1 before. If 10.8.0.0/24 is the OpenVPN subnet then usually .1 is the gateway IP (the OpenVPN server being the gateway for its client to get access to other networks).

 

[Krusty]

@fredbert Yes I can ping 10.8.0.1 from my home pc with CMD
looks like this:
Pinging 10.8.0.1 with 32 bytes of data:
Reply from 10.8.0.1: bytes=32 time=9ms TTL=64
Reply from 10.8.0.1: bytes=32 time=11ms TTL=64
Reply from 10.8.0.1: bytes=32 time=9ms TTL=64
Reply from 10.8.0.1: bytes=32 time=9ms TTL=64

Ping statistics for 10.8.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 9ms, Maximum = 11ms, Average = 9ms

But I dont know how to map the drive from

Also, I cannot ping my external IP at the office xxx.xxx.xx.xxx
C:\Users\NIL>ping xxx.xxx.xx.xxx

Pinging xxx.xxx.xx.xxx with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for xxx.xxx.xx.xxx:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),


But if I ping my Synologys DDNS address that i got from synology it self behind that external IP I get pings from Synologys IP

ping xxxxx-synology.de8.quickconnect.to

Pinging xxxx-synology.de8.quickconnect.to [185.102.219.107] with 32 bytes of data:
Reply from 185.102.219.107: bytes=32 time=29ms TTL=56
Reply from 185.102.219.107: bytes=32 time=29ms TTL=56
Reply from 185.102.219.107: bytes=32 time=29ms TTL=56
Reply from 185.102.219.107: bytes=32 time=29ms TTL=56

Ping statistics for 185.102.219.107:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 29ms, Average = 29ms

I dont know what to try now...

 

[Krusty]

in the VPNconfig.ovpn should I put something here? I did not find any tutorial telling me to do that.
#dhcp-option DNS DNS_IP_ADDRESS

 

[WST16]

in the VPNconfig.ovpn should I put something here? I did not find any tutorial telling me to do that.
#dhcp-option DNS DNS_IP_ADDRESS

You can try your DNS server IP address.
This is my configuration for reference:
Post in thread '[Newbie] OpenVPN and MAC, not working at all, how to config?'
Solved - [Newbie] OpenVPN and MAC, not working at all, how to config?