we have a Synology server at home and set up OpenVPN as it is written in this tutorial - https://www.synology.com/da-dk/knowledg ... /vpn_setup
My father set it up for me, as I live abroad. He then exported settings and sent me the files - ca certificate, read me and openvpn.ovpn
1) I installed certificate
2) ReadMe says:
Code: Select all
To set up an OpenVPN client on Windows:
1. Install OpenVPN client on Windows
*An OpenVPN client on Windows is called OpenVPN GUI.
*Download it from http://openvpn.net/index.php/open-source/downloads.html and install the client.
*The default installation directory is C:\ProgramFiles\OpenVPN.
2. Run OpenVPN GUI as administrator.
3. Edit VPNConfig.ovpn and replace YOUR_SERVER_IP with public IP of your DiskStation.
*If your DiskStation is behind a router, replace YOUR_SERVER_IP with the router's IP.
*Remove # before "redirect-gateway def1" to route all client traffic (including web-traffic) through this VPN Server.
4. Put VPNConfig.ovpn into the config subdirectory under OpenVPN directory
(ie. C:\Program Files\OpenVPN\config\).
4) My OpenVPN.ovpn looks like this:
Code: Select all
dev tun
tls-client
remote ROUTER PUBLIC IP 1194
# The "float" tells OpenVPN to accept authenticated packets from any address,
# not only the address which was specified in the --remote option.
# This is useful when you are connecting to a peer which holds a dynamic address
# such as a dial-in user or DHCP client.
# (Please refer to the manual of OpenVPN for more information.)
#float
# If redirect-gateway is enabled, the client will redirect it's
# default network gateway through the VPN.
# It means the VPN connection will firstly connect to the VPN Server
# and then to the internet.
# (Please refer to the manual of OpenVPN for more information.)
redirect-gateway def1
# dhcp-option DNS: To set primary domain name server address.
# Repeat this option to set secondary DNS server addresses.
#dhcp-option DNS DNS_IP_ADDRESS
pull
# If you want to connect by Server's IPv6 address, you should use
# "proto udp6" in UDP mode or "proto tcp6-client" in TCP mode
proto udp
script-security 2
comp-lzo
reneg-sec 0
cipher BF-CBC
auth SHA1
auth-user-pass
<ca>
-----BEGIN CERTIFICATE-----
CERTIFICATE
-----END CERTIFICATE-----
</ca>
So I tried to connect through OpenVPN. The first problem is, that it asks me for name and password even though my father didn't set any. Is there any problem with it if I put only random username there?
I put admin as username and tried to connect...
This is what I got:
Code: Select all
Tue Feb 20 20:22:31 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Feb 20 20:22:31 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]ROUTER IP:1194
Tue Feb 20 20:22:31 2018 UDP link local (bound): [AF_INET][undef]:1194
Tue Feb 20 20:22:31 2018 UDP link remote: [AF_INET]ROUTER IP:1194
Tue Feb 20 20:23:31 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Feb 20 20:23:31 2018 TLS Error: TLS handshake failed
Thanks,
Vasary
PS: If you need server and client settings, I can send them as well, but he didn't do any changes there.