# Problems setting up a VPN server with a Synology NAS - Please help



## grecinos (Oct 10, 2017)

Hey Folks,

I posted a thread a while back in regards to a configuring a VPN server using a Synology NAS.  I was able to successfully connect to my VPN server and access the resources on the LAN.  Since then, I haven't used this feature until the past few days.  I haven't changed anything.  I can connect to the Synology VPN (PPTP) server, but now I can't access any of the resources on the network.  I noticed that the server was allocating IP addresses in the 192.168.0.x range.  My network is using IP addresses in the 192.168.1.x range.  I'm assuming this has something to do with problem?  I can change the Dynamic IP Address (on the VPN server) to start with 192.168.1.0.  But then, that would cause an IP address conflict.  Somehow, I need to configure it such that only unused IP Addresses will be allocated.

Does anyone have any suggestions or insight?

Regards,

grecinos


----------



## Kursah (Oct 10, 2017)

Many VPN servers will allocate addresses in a dedicated subnet (192.168.x.x for example) that is separate from either LAN (local) it is connecting over WAN (public).

Make sure you have the correct routes and firewall rules in-place to allow traffic to traverse various subnets. Some services need what is called a PUSH route, many need routes and rules to explicitly allow traffic (any or specific) over 

What is hosting your VPN server?

Can you better clarify your VPN deployment and configuration for us?

If there was a chance to get you off of PPTP and onto IPSEC or OpenVPN, I'd highly recommend it for security and peace of mind. It may cost some bandwidth and processing power, but the price of keeping your data secure might be worth it. That's a decision only you can make.


----------



## grecinos (Oct 10, 2017)

Thanks for the quick response!

I'm using a Synology NAS configured as a VPN Server (on my LAN).  I have a Spectrum Cable ISP for internet access.  I've configured the router to forward the necessary packets required by the VPN server.

On the client side, I'm using a Windows 10 PC laptop.  For testing purposes,  I have it connected to a Mobile Wifi device.  So, the server and client are on separate internet connections. 

As per your suggestion, I'll likely switch to IPSEC.  But for the moment, I'm going to leave it as is, for testing purposes.


----------



## Kursah (Oct 11, 2017)

If you try to ping any network resources can you?

Have you reviewed the routes for the Synology server? I'll have to look into how Synology hosts its VPN services. I am off of work in about an hour, I'll follow up then!


----------



## grecinos (Oct 11, 2017)

I wasn't able to ping one of my web servers. 

Apparently, I have OpenVPN installed on the PC the I'm trying to get PPTP to work.  (I must have installed it months ago and just now noticed as I have not used it in a while).  In any regards, it works with OpenVPN.  I'm able to access the resources on my LAN.  I would still be interested in knowing how to get it to work with PPTP.  Perhaps it' just network/sharing permissions?

Cheers.


----------



## Kursah (Oct 11, 2017)

OpenVPN is more secure than PPTP, don't waste your time with that old VPN protocol.

Stick with OpenVPN. Yes you need to run the client, but it works well, is reliable and is far more secure. Take advantage of that. If anything see if you can make sure you're running AES256, SHA256 and RSA2048 or higher.


----------



## grecinos (Oct 11, 2017)

Yep.  I'll stick with OpenVPN.  Fortunately, the Synology VPN server makes it easy to export the necessary configuration files.  I found some tutorials on YouTube.  I was up and running in a few minutes.  Truly cool stuff!


----------

