Help with OpenVPN on NAS with clients connecting through HTTP Proxy

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
Pablo_g
OpenVpn Newbie
Posts: 2
Joined: Mon Oct 11, 2021 5:13 pm

Help with OpenVPN on NAS with clients connecting through HTTP Proxy

Post by Pablo_g » Mon Oct 11, 2021 6:05 pm

Hello to all. This is the first time I am writing here.

Let me tell you about my problem.... I hope it won't be too long for you guys :)

We are a company of mainly 3 people who have to work with our PCs on the same LAN if we want to work on the same project simultaneously, and access the shared files and databases on the Windows file system.

Several years ago we opted to buy a NAS (Network Attached Storage) from Synology, and were very happy with it, as we didn't depend on having a PC on all the time, and we could work more than one person on the same project all the time, either by connecting our laptops to the same cable network in the office, or through a VPN when we were travelling or working from home.

VPN access had been achieved thanks to the (NETGEAR branded) router with OpenVPN built in, and an IT professional had set it all up for us. In addition, our PCs must be connected to the Internet via a proxy server running on a separate PC (or even running on a virtual machine, but that's beside the point). We use CCProxy which is free, but we are considering whether we should pay for a better software licence.

Then, when we were out of the office, our PC connected through the proxy server to the office VPN server, and we all accessed the same files as if we were on the same LAN.

Just before the pandemic, we had purchased a new Diskstation NAS that we never finished configuring (a DS218).

During the pandemic, the office was unoccupied for quite a while, and for unknown reasons the router stopped working (we think it was a power surge). Luckily the two NAS are still alive.

The problem is that we don't have any routers with OpenVPN now, and we have no plans to buy another one any time soon. Also, the IT technicians who had been advising us are no longer offering that service, and I can't find any help at a reasonable cost.

What I'm trying to do, is to use the OpenVPN package supplied by Synology in their DSM, but connect the clients through an HTTP proxy.

I installed and configured the OpenVPN package provided by Synology for its operating system with no problems, easily set it up and downloaded the .ovpn file to my phone and after a few attempts, I managed to connect successfully with OpenVPN Connect, and view the DS218 content through an Android app (Solid Explorer).

This is the content of the .ovpn file with which I managed to connect:

As exported from Synology OpenVPN app
dev tun
tls-client
remote XXX.DSCloud.biz 1194
pull
proto udp
script-security 2
comp-lzo
reneg-sec 0
cipher AES-256-CBC
auth SHA512
auth-user-pass
setenv CLIENT_CERT 0
<ca>
(...)
</ca>


Then I tried to do the same from a PC, adding the intermediate step of the proxy, but in this case I manage to connect but I can't see the NAS shared folders in Windows Explorer.

The file I used on the PCs is this one:

Not working
dev tun
tls-client
remote XXX.DSCloud.biz 1194
pull
proto tcp-client
http-proxy 192.168.0.200 808
script-security 2
comp-lzo
reneg-sec 0
cipher AES-256-CBC
auth SHA512
auth-user-pass
setenv CLIENT_CERT 0
<ca>
(...)
</ca>


Doing some research, I first discovered that I was missing to configure the "route" option which I don't understand how I should set, and I also understand that the "dev tun" option is also causing problems, but when I change it to "dev tap" I get a bunch of other error messages and fail to connect.

I have the .ovpn file that we used in the past without problems, and this is it:

Worked with bricked router
client
dev tap
proto tcp
http-proxy 10.0.0.102 808
#dev-node NETGEAR-VPN
remote XXX.mynetgear.com 12974
resolv-retry infinite
nobind
persist-key
persist-tun
ca xxx-ca.crt
cert xxx-client.crt
key xxx-client.key
cipher AES-128-CBC
comp-lzo
verb 5

route 10.0.0.0 255.255.255.0 10.0.0.2


So, any help would be greatly appreciated, as our finances are really tight and we are not planning on renting an office again anytime soon, and we also don't want to buy a new router for a single person on LAN.

p.s. I've also posted this question on Synology Community Forum as well, and I'll reply here in case I get any response there :)

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Help with OpenVPN on NAS with clients connecting through HTTP Proxy

Post by TinCanTech » Mon Oct 11, 2021 8:04 pm

Pablo_g wrote:
Mon Oct 11, 2021 6:05 pm
I can't find any help at a reasonable cost
I'm reasonable .. tincantech at protonmail dot com

Pablo_g
OpenVpn Newbie
Posts: 2
Joined: Mon Oct 11, 2021 5:13 pm

Re: Help with OpenVPN on NAS with clients connecting through HTTP Proxy

Post by Pablo_g » Tue Oct 12, 2021 8:46 pm

TinCanTech wrote:
Mon Oct 11, 2021 8:04 pm
Pablo_g wrote:
Mon Oct 11, 2021 6:05 pm
I can't find any help at a reasonable cost
I'm reasonable .. tincantech at protonmail dot com
Haha... Thank you. I see it difficult for you to configure everything remotely, besides it's very complicated for me to pay for anything from Argentina... :( we have absurd taxes and quotas for payments abroad.

Post Reply