RT2600ac when running a VPN on my router, can i target just Download station and nothing else?

Currently reading
RT2600ac when running a VPN on my router, can i target just Download station and nothing else?

22
5
NAS
DS918+
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
I know I can put my DS918+ IP through a VPN, using my router, whilst letting everything else in my network run on the WAN connection. However I find that when I try to remotely stream media from my NAS on Plex or DS Video, it is very slow and laggy due to not being able to port forward. The VPN internet speed is usually around 30-40 mbps, so I don't think the VPN itself is the problem. On research, you can't run port forwarding on expressVPN via manual configuration, unless you have the App on your router (Synology doesn't support at present). Is there a way of putting JUST Download Station through a VPN, but nothing else?
 

Rusty

Moderator
NAS Support
2,516
758
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
You could set up Multiple gateway setting in the advanced section of network settings to allow fo your nas services to run even if the tunnel is active.
 
22
5
NAS
DS918+
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Screenshot 2020-06-22 at 17.49.16.pngDo you mean this? It was already selected.
 

Rusty

Moderator
NAS Support
2,516
758
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
In that case, if would recommend removing VPN from your NAS completely if downloads are just what you are after. Instead, run a torrent client via docker with a built-in VPN option. This way the download manager will be isolated in the tunnel and your NAS will not have any VPN penalty.

 
22
5
NAS
DS918+
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
In that case, if would recommend removing VPN from your NAS completely if downloads are just what you are after. Instead, run a torrent client via docker with a built-in VPN option. This way the download manager will be isolated in the tunnel and your NAS will not have any VPN penalty.


Thanks very much for the info. Will look into it and see if I can figure out docker.
 

Rusty

Moderator
NAS Support
2,516
758
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Just write back if you get stuck.
 
1,519
649
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
Last edited:
Hi @Rusty

I’m giving this a shot with the new 1019+
It looks like I’m almost there. Just one thing. In the log, it says:
Code:
Options error: You must define CA file (--ca) or CA path (--capath)

I have the certificate file. I can add it to the same folder as the Openvpn file. I just don’t know how to tell docker to use it. Need something to add to that “single line”.

Thank you for your usual help :)
 

Rusty

Moderator
NAS Support
2,516
758
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Hi @Rusty

I’m giving this a shot with the new 1019+
It looks like I’m almost there. Just one thing. In the log, it says:
Code:
Options error: You must define CA file (--ca) or CA path (--capath)

I have the certificate file. I can add it to the same folder as the Openvpn file. I just don’t know how to tell docker to use it. Need something to add to that “single line”.

Thank you for your usual help :)
What vpn provider is in question?
 
1,519
649
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
What vpn provider is in question?
Mullvad.
I can configure it with no problems on the DiskStation as a VPN profile. So it’s working (for all traffic). Having it for qbittorrent as described above would be much better If possible.
 

Rusty

Moderator
NAS Support
2,516
758
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
So cert is not the part of the ovpn file? Is there any reference into it that points to it?
 
1,519
649
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
I don’t think it’s part of the OVPN file.

The mullvad_ca.crt is provided as a separate file. If I create a vpn profile under the network interface, I must browse for it and add it in the CA certificate field.
 

Rusty

Moderator
NAS Support
2,516
758
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
I don’t think it’s part of the OVPN file.

The mullvad_ca.crt is provided as a separate file. If I create a vpn profile under the network interface, I must browse for it and add it in the CA certificate field.
in that case edit the ovpn file and add rows that reference your cer and key files (depending what you need).

Look at line 78-80 in this file as an example :

 
22
5
NAS
DS918+
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
can I ask what I place here:

-e "LAN_NETWORK=192.168.1.0/24" \ - is this the NAS ip?
-e "NAME_SERVERS=8.8.8.8,8.8.4.4" \ - not sure what this is?

Im getting there, watching lots of YouTube videos.
 

Rusty

Moderator
NAS Support
2,516
758
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
The 1st variable is your LAN network subnet not the nas ip address. So it has to be written down in the form that matches your own network subnet

The second variable are public or local ip address of DNS server you want to use. In this example Google public dns servers are used.
 
1,519
649
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
in that case edit the ovpn file and add rows that reference your cer and key files (depending what you need).

Look at line 78-80 in this file as an example :

Sorry @Rusty. My mistake, the Mullvad ovpn file contains this reference:

ca mullvad_ca.crt

So it’s already there. But the other two that are referenced in the sample file (your mentioned lines) are not included in their ovpn file.

I will try contacting their support and see if they can offer any pointers.
 

Rusty

Moderator
NAS Support
2,516
758
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Sorry @Rusty. My mistake, the Mullvad ovpn file contains this reference:

ca mullvad_ca.crt

So it’s already there. But the other two that are referenced in the sample file (your mentioned lines) are not included in their ovpn file.

I will try contacting their support and see if they can offer any pointers.
Not sure that all 3 files need to be referenced. Be sure that there is real need for all 3 files.

When you have it running via dsm do you also need to use all files?
 
1,519
649
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
Not sure that all 3 files need to be referenced. Be sure that there is real need for all 3 files.

When you have it running via dsm do you also need to use all files?
No, I only need the ovpn and the certificate files and it works on VDSM. Just like if I’m adding it on DSM.

EE913B2C-1750-44C9-838E-A9835242CAF1.jpeg
 

Rusty

Moderator
NAS Support
2,516
758
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Then having both files in root for qbittorrent should work. Guessing you checked the file name and that it is matched in the ovpn file as well?
 
1,519
649
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
Then having both files in root for qbittorrent should work. Guessing you checked the file name and that it is matched in the ovpn file as well?
Yes (to the best of my knowledge). Anyway, the VDSM solution is much, much better. No need to pursue this :)
 
22
5
NAS
DS918+
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
The 1st variable is your LAN network subnet not the nas ip address. So it has to be written down in the form that matches your own network subnet

The second variable are public or local ip address of DNS server you want to use. In this example Google public dns servers are used.

Hi @Rusty, I've done my best to follow the instructions. I have set up the folders, added the the ovpn file in the ovpn folder, within config, and have added the username and password. I have filed out the rest the best I can.

Can you see what I've done wrong? Sorry if its very dummy 😂 Screenshot 2020-06-27 at 03.09.48.png
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Top