Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

devsfan1830

macrumors regular
Original poster
Aug 26, 2011
153
105
VA
I have my Synology Diskstation setup as my OpenVPN server since nothing else I have supports it. The seemingly default and possibly only authentication method is username and password. From what I understand, the OpenVPN workaround is to NOT require a password at all. Is this right? Any Synology users out there who managed to do this and can share instructions?
 

Feenician

macrumors 603
Jun 13, 2016
5,313
5,100
I have my Synology Diskstation setup as my OpenVPN server since nothing else I have supports it. The seemingly default and possibly only authentication method is username and password. From what I understand, the OpenVPN workaround is to NOT require a password at all. Is this right? Any Synology users out there who managed to do this and can share instructions?

I don't have a synology but I've followed a similar procedure on my Pi. Take a look at this. It does require SSH/Command line work

http://blog.centurio.net/2014/12/23...ficates-with-synology-vpn-server-and-openvpn/
 

campyguy

macrumors 68040
Mar 21, 2014
3,413
957
Owner of a few Synology NAS units and a couple of RT2600ac routers, using OpenVPN - the setup is pretty much the same on both device types. I use the Synology device to generate the authentication files, easy peasy. I use AirPlay to get the certificate from my Mac to my iPad and iPhones.

Synology's instructions for the NAS DSM are here, with the OpenVPN instructions partway down the page. QED.
 

BrianBaughn

macrumors G3
Feb 13, 2011
9,696
2,447
Baltimore, Maryland
If the VPN is setup as only OpenVPN by those instructions it would seem to me that authentication would be handled by the cert files and not username/password.
 

devsfan1830

macrumors regular
Original poster
Aug 26, 2011
153
105
VA
Owner of a few Synology NAS units and a couple of RT2600ac routers, using OpenVPN - the setup is pretty much the same on both device types. I use the Synology device to generate the authentication files, easy peasy. I use AirPlay to get the certificate from my Mac to my iPad and iPhones.

Synology's instructions for the NAS DSM are here, with the OpenVPN instructions partway down the page. QED.

I'm familiar with those instructions as that what I followed to set it up in the first place. However, just importing the .ovpn doesn't do it by itself. OpenVPN Connect doesn't recognize the crt as a importable file. So I still need to physically enter my diskstation password to connect. Which is broken by iOS 12. I need help removing the need for user/pass.
 

Chronus

macrumors regular
Sep 9, 2014
223
194
If you’re using a Mac, use tunnelblick. You can drag the .openvpn files to the taskbar and it creates a connection with your openvpn server.
 

campyguy

macrumors 68040
Mar 21, 2014
3,413
957
I'm familiar with those instructions as that what I followed to set it up in the first place. However, just importing the .ovpn doesn't do it by itself. OpenVPN Connect doesn't recognize the crt as a importable file. So I still need to physically enter my diskstation password to connect. Which is broken by iOS 12. I need help removing the need for user/pass.
Sorry for the advice, I'm not experiencing your import/connection issues with iOS 12 on my Air 2 or iP6S+.
 

devsfan1830

macrumors regular
Original poster
Aug 26, 2011
153
105
VA
If you’re using a Mac, use tunnelblick. You can drag the .openvpn files to the taskbar and it creates a connection with your openvpn server.

Thank you but this is an iOS 12 specific issue. I'm a windows user otherwise and OVPN works fine there. In fact, using my phones hotspot and connecting via my Surface Pro has been my rather cumbersome workaround for now.

Have you looked at "I am having trouble importing my .ovpn file" on this webpage?

Sorry for the advice, I'm not experiencing your import/connection issues with iOS 12 on my Air 2 or iP6S+.

I in no way meant to be snarky. Just saying I already followed that guide. I'm looking for an alternative method.

Maybe I need to clarify.

There's nothing wrong with the ability to import the ovpn file into the app. That works great. By using the synology instructions I also need to enter my diskstation username and pass after importing the file. In the iOS 12 beta it is a known issue that when you do this, and leave the app, the VPN disconnects. OVPN has acknowledged it as a reported Apple bug. Its fixed in an OVPN Connect 3.0 beta in TestFlight that I have not been admitted to.

I saw somewhere that a workaround is to NOT use the username and pass method.

I am a total novice with this VPN setup. Following the synology instructions to the letter ends up requiring username and pass which works fine normally, except in iOS 12 beta at the moment.

What I am asking is whether or not synology provides SOME manner in which you just only import a profile or certificate and am not required to manually enter login info. The use of manual login info is apparently the issue.

I'm not really willing to roll back out of the beta for this ONE issue. I just use the VPN to check on a 3D printer at home and tunneling in via the VPN is far more secure than exposing it to the internet via port forwarding. So its not a 24/7 necessity really. Just wanted to see if the supposed work around was possible with Synology is all.
 

Feenician

macrumors 603
Jun 13, 2016
5,313
5,100
Thank you but this is an iOS 12 specific issue. I'm a windows user otherwise and OVPN works fine there. In fact, using my phones hotspot and connecting via my Surface Pro has been my rather cumbersome workaround for now.





I in no way meant to be snarky. Just saying I already followed that guide. I'm looking for an alternative method.

Maybe I need to clarify.

There's nothing wrong with the ability to import the ovpn file into the app. That works great. By using the synology instructions I also need to enter my diskstation username and pass after importing the file. In the iOS 12 beta it is a known issue that when you do this, and leave the app, the VPN disconnects. OVPN has acknowledged it as a reported Apple bug. Its fixed in an OVPN Connect 3.0 beta in TestFlight that I have not been admitted to.

I saw somewhere that a workaround is to NOT use the username and pass method.

I am a total novice with this VPN setup. Following the synology instructions to the letter ends up requiring username and pass which works fine normally, except in iOS 12 beta at the moment.

What I am asking is whether or not synology provides SOME manner in which you just only import a profile or certificate and am not required to manually enter login info. The use of manual login info is apparently the issue.

I'm not really willing to roll back out of the beta for this ONE issue. I just use the VPN to check on a 3D printer at home and tunneling in via the VPN is far more secure than exposing it to the internet via port forwarding. So its not a 24/7 necessity really. Just wanted to see if the supposed work around was possible with Synology is all.

The link I posted in the first response details how to configure Open VPN on Synology to use a certificate instead of username and password.

The other alternative is to join the beta program for the iOS app, which apparently rectifies the issue. I don’t have the email address handy but if you mail them you be accepted.
 

campyguy

macrumors 68040
Mar 21, 2014
3,413
957
I in no way meant to be snarky.
I never felt or thought you were being snarky, I'm not wired that way. No worries. :cool:

I've been on the road, only having a bit of time for input each day until sometime next week. When I get back and if I know more I'll pass it on....
 

TypeMRT

macrumors 6502a
Sep 7, 2007
525
131
I had it working for over a year but ever since sometime in March it stopped. I struggled to find a solution until I uninstalled the VPN Plus Server and installed the beta. Now it works following the normal instructions. Good luck.
 

devsfan1830

macrumors regular
Original poster
Aug 26, 2011
153
105
VA
I had it working for over a year but ever since sometime in March it stopped. I struggled to find a solution until I uninstalled the VPN Plus Server and installed the beta. Now it works following the normal instructions. Good luck.

Not sure I follow what you mean. The VPN app on the Diskstation isnt causing me any issue. I actually connect ok. Its the act of leaving the app that causes the VPN connection to drop. They borked something in the iOS 12 beta. That musch is confirmed. But I keep seeing some kind of workaround cited and yet I cant undertstand what it is exactly or if it can be used for OVPN served by a Synology DS.
 

TypeMRT

macrumors 6502a
Sep 7, 2007
525
131
Not sure I follow what you mean. The VPN app on the Diskstation isnt causing me any issue. I actually connect ok. Its the act of leaving the app that causes the VPN connection to drop. They borked something in the iOS 12 beta. That musch is confirmed. But I keep seeing some kind of workaround cited and yet I cant undertstand what it is exactly or if it can be used for OVPN served by a Synology DS.
Sorry, I misunderstood. I hope it gets fixed.
 

Ben Harley

macrumors member
Dec 7, 2016
73
16
United Kingdom, London
Hey I had same issues with Synology DS stations. But I was using a commercial vpn. But I had these speed issues on it. I was so fed up with it, I had to stop using it.

Recently I found out, the vpn I was using had the speed issues so I might need to change the provider now.. The guide shows the genuine user results and I talked to them and told them about my issues and they acknowledged that they were having same issues on Synology work station and even on windows PC.
 

devsfan1830

macrumors regular
Original poster
Aug 26, 2011
153
105
VA
Hey I had same issues with Synology DS stations. But I was using a commercial vpn. But I had these speed issues on it. I was so fed up with it, I had to stop using it.

Recently I found out, the vpn I was using had the speed issues so I might need to change the provider now. The guide shows the genuine user results and I talked to them and told them about my issues and they acknowledged that they were having same issues on Synology work station and even on windows PC.

OpenVPN is hosted directly on the DiskStation. It becomes the VPN server with my router setup to update my free No-IP DDNS address. There's no commercial provider involved. So its a point to point tunnel between my iPhone and/or Surface Pro and the DiskStation on my home network.I just use it because its easier to access my 3d printer remotely like that than exposing a RaspberryPi to the internet. Secondary perk is accessing my files aggregated from all my devices and mirrored to OneDrive.
 
  • Like
Reactions: Ben Harley

Chronus

macrumors regular
Sep 9, 2014
223
194
I have a similar issue, but my setup is different to yours. I use AirVPN on my router so all traffic is going via the VPN.

With the VPN on I can no longer connect to the VPN tunnel with an openvpn connection remotely to my DSM. Whit the VPN of it works fine, but can use the quickconnect to remotely access the DSM.

I have to leave ports open the the web for a web server and to update the let’s encrypt certificates automatically.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.