Synology as VPN Client

Questions that don't fit in any category below may go here
Forum rules
Please note the disclaimer before modifying your Synology Product.

Synology as VPN Client

Postby h0me5k1n » Sun Mar 21, 2010 10:59 am

I'm interested in using a third-party VPN service. Ideally I'd like to route all external network traffic over the VPN connection whilst not impacting on any local network configuration.

I know it's possible to configure a Diskstation as a VPN client to use a third party VPN service but is it possible to route only DownloadStation generated traffic over the VPN connection?

I believe "setfib" can be used to tell certain applications to use a given routing table... but I can't seem to find out much about it. I believe the kernel may need to be rebuilt to support multiple routing tables before this can even be considered.

Any ideas?
h0me5k1n
Beginner
Beginner
 
Posts: 20
Joined: Sun Jan 25, 2009 1:48 pm

Re: Synology as VPN Client

Postby kemetyl » Mon Mar 29, 2010 12:52 pm

How do I get the Diskstation to be a VPN client to use a third party VPN service?

I have looked for this but found nothing. Please enlighten me! :)
kemetyl
Rookie
Rookie
 
Posts: 30
Joined: Fri Feb 26, 2010 10:26 am

Re: Synology as VPN Client

Postby TomG » Mon Mar 29, 2010 1:13 pm

Not really an easy question to answer:

If you want to use your Diskstation as VPN client, all pc's who need access to the VPN service (remote network) should also have the necessary entries in their routing table (depending on the subnets, vlan's en routing configuration on the remote network). Also, your diskstation should act as a router between it's VPN interface (connected to the remote network) and the LAN interface (connected to your local network).

The diskstation itself will already have the necessary entries in it's routing table to communicate with the remote network (because of the connected VPN interface). Depending on it's routing table, it can either use your own internet connection or the remote network to access the internet (for example for using download station, file station and any other service your diskstation can serve).

You can still use your internet router as default gateway (as an exception to the static entries you entered, as explained above) for your own pc's.
DS-107+ | DSM 3.1-1636 | 1x Western Digital WD20EARS
DS-1010+ | DSM 5.0-4458 | 5x Western Digital WD20EARS (RAID5 without hotspare)
TomG
Versed
Versed
 
Posts: 204
Joined: Sun Oct 21, 2007 10:49 am
Location: Belgium, Europe

Re: Synology as VPN Client

Postby kemetyl » Mon Mar 29, 2010 1:25 pm

Oh dear, I didn't get much of that.

I am surprised though to hear that I CAN make the diskstation connect to a VPN for use with the download station, etc, since I looked all around for this. Maybe I searched for the wrong things.

The VPN I'm using is basicly just for hiding my own IP adress, and I would of course like to use this mainly with the download station.

The thing is that the VPN-service I'm using is using PPTP, are the things you described still possible despite that?
kemetyl
Rookie
Rookie
 
Posts: 30
Joined: Fri Feb 26, 2010 10:26 am

Re: Synology as VPN Client

Postby TomG » Mon Mar 29, 2010 2:25 pm

In theory, it should be possible. First, you should post what's currently in your routing table:

Example of mine (I use an PPPOE connection to connect to the internet, maybe you don't, but at least you should see there some interface for your VPN connection while active).
Code: Select all
DiskStation> route -n

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
80.200.x.x     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.24.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         80.200.54.1     0.0.0.0         UG    0      0        0 ppp0


By default, all traffic will pass through your own default gateway. However, if you define static routes for the target ip adresses you want to download from, it should be possible to tell your diskstation to use the VPN tunnel.

Maybe there's a way to route all traffic thought the tunnel, but this will be some kind chicken or egg problem:
You need the default gateway of your own router/isp to access the internet, but you want to tell the diskstation to use the tunnel to route all trafic through. I don't know how you can combine that to make it work.
DS-107+ | DSM 3.1-1636 | 1x Western Digital WD20EARS
DS-1010+ | DSM 5.0-4458 | 5x Western Digital WD20EARS (RAID5 without hotspare)
TomG
Versed
Versed
 
Posts: 204
Joined: Sun Oct 21, 2007 10:49 am
Location: Belgium, Europe

Re: Synology as VPN Client

Postby kemetyl » Mon Mar 29, 2010 2:42 pm

Mine looks like this:


Code: Select all
DiskStation> route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
kemetyl
Rookie
Rookie
 
Posts: 30
Joined: Fri Feb 26, 2010 10:26 am

Re: Synology as VPN Client

Postby TomG » Mon Mar 29, 2010 3:19 pm

But that's without your vpn connection...
DS-107+ | DSM 3.1-1636 | 1x Western Digital WD20EARS
DS-1010+ | DSM 5.0-4458 | 5x Western Digital WD20EARS (RAID5 without hotspare)
TomG
Versed
Versed
 
Posts: 204
Joined: Sun Oct 21, 2007 10:49 am
Location: Belgium, Europe

Re: Synology as VPN Client

Postby kemetyl » Mon Mar 29, 2010 3:44 pm

Yes, that's because I don't know how to make the DS connect to my VPN.

I'm obviously missing something here.. Sorry!

I have a router connected to the internet. Behind it on my LAN I have the DS and my computer. I have a VPN I can connect to from the computer (Win7) via PPTP. When I'm connected to the VPN from the computer, all internet traffic goes through the VPN (obviously), and my IP is hidden. What I'd like to do is make the DS connect to the VPN instead, thus enabling downloading things directly to the DS (using download station) without bothering connecting the computer to the VPN (or even having the computer on).

I'm sorry if I misunderstood some part of the first post of this thread, but I thought he said this was possible. Not correct?

In any case, thank you for your help!
kemetyl
Rookie
Rookie
 
Posts: 30
Joined: Fri Feb 26, 2010 10:26 am

Re: Synology as VPN Client

Postby TomG » Mon Mar 29, 2010 3:48 pm

I do not have any experience with VPN client software on the diskstation, so I can't help you with that, I'm sorry.
DS-107+ | DSM 3.1-1636 | 1x Western Digital WD20EARS
DS-1010+ | DSM 5.0-4458 | 5x Western Digital WD20EARS (RAID5 without hotspare)
TomG
Versed
Versed
 
Posts: 204
Joined: Sun Oct 21, 2007 10:49 am
Location: Belgium, Europe


Return to General Mods

Who is online

Users browsing this forum: No registered users and 2 guests