[HOW-TO] Connect to OpenVPN server with Android apps

Discussion room for Synology VPN package in DSM 3.1-1725 or above.
Forum rules
1) This is a user forum for Synology users to share experience/help out each other: if you need direct assistance from the Synology technical support team, please use the following form:
https://myds.synology.com/support/suppo ... p?lang=enu
2) To avoid putting users' DiskStation at risk, please don't paste links to any patches provided by our Support team as we will systematically remove them. Our Support team will provide the correct patch for your DiskStation model.
Petrovski
I'm New!
I'm New!
Posts: 3
Joined: Tue Jul 09, 2013 8:39 pm

[HOW-TO] Connect to OpenVPN server with Android apps

Postby Petrovski » Tue Feb 04, 2014 1:59 pm

Thought I'd share how I solved the issues I had while setting up a VPN connection from my Android smartphone to my Synology. I'll describe how to get it working with 2 OpenVPN apps available in the Google Play Store: "OpenVPN Connect" and "OpenVPN for Android". Both apps did not work 'out of the box' for me.

OpenVPN Connect (official OpenVPN app by OpenVPN)
Play Store URL: https://play.google.com/store/apps/deta ... pn.openvpn

- Install VPN server package on your Diskstation using Synology's guide: http://www.synology.com/en-uk/support/t ... s/459#t3.2
- Enable the OpenVPN server using default settings
- Export the OpenVPN configuration provided by the button "Export configuration"
- Navigate to control panel > DSM Settings > tab "certificate" > "Export certificate"
- Make sure a Diskstation user has OpenVPN privileges (I created a dedicated user for this, but that's optional)
- Check the port forwarding and firewall settings on your DiskStation and router to make sure the UDP port 1194 is open
- From the exported OpenVPN configuration, open openvpn.ovpn with a text editor
- Edit the openvpn.ovpn file according to the readme.txt provided (remote settings, etc.)
- Edit openvpn.ovpn by adding three sections to it: <cert></cert>, <key></key>, <ca></ca>
- Unzip the archive with exported certificates from DSM settings
- Open the file server.crt with a text editor, copy the key found inside to the <cert> section in openvpn.ovpn
- Open the file ca.key with a text editor, copy the key found inside to the <key> section in openvpn.ovpn
- Open the file ca.crt with a text editor, copy the key found inside to the <ca> section in openvpn.ovpn
- The result will look like this:

<cert>
-----BEGIN CERTIFICATE-----
key string here
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN RSA PRIVATE KEY-----
key string here
-----END RSA PRIVATE KEY-----
</key>
<ca>
-----BEGIN CERTIFICATE-----
key string here
-----END CERTIFICATE-----
</ca>

- Save the file openvpn.ovpn
- Transfer it to the internal memory or sdcard of your phone
- Install the OpenVPN Connect app from the Google Play Store
- Open the app, touch the settings icon, choose Import > Import Profile from SD card
- Navigate to the file openvpn.ovpn, select it, touch Select
- Fill in the username and password of the Diskstation user with OpenVPN privileges (optionally save the password, less secure)
- Touch Connect
- You should now have a working VPN connection to your Diskstation!


OpenVPN for Android (by Arne Schwabe)
Play Store URL: https://play.google.com/store/apps/deta ... kt.openvpn

- Install VPN server package on your Diskstation using Synology's guide: http://www.synology.com/en-uk/support/t ... s/459#t3.2
- Enable the OpenVPN server using default settings
- Export the OpenVPN configuration provided by the button "Export configuration"
- Make sure a Diskstation user has OpenVPN privileges (I created a dedicated user for this, but that's optional)
- Check the port forwarding and firewall settings on your DiskStation and router to make sure the UDP port 1194 is open
- From the exported OpenVPN configuration, open openvpn.ovpn with a text editor
- Edit the openvpn.ovpn file according to the readme.txt provided (remote settings, etc.)
- Save the file openvpn.ovpn
- Transfer openvpn.ovpn and ca.crt to the internal memory or sdcard of your phone
- Install the OpenVPN for Android app from the Google Play Store
- Open the app, touch the + icon on the bottom left of the screen to add a profile
- Touch "Basic"
-- Enter profile name and server address (server address should be equal to the address you entered for the openvpn.ovpn "remote" entry)
-- Set type to Username/Password
-- Touch the Select button for CA Certificate
-- Navigate to the file ca.crt, select it and touch the Select button
-- Fill in the username and password of the Diskstation user with OpenVPN privileges
-- Touch the back softkey or button of your phone
- Touch "IP and DNS"
-- Check Override DNS settings by Server (needed since Syno's OpenVPN server implementation currently does not properly push the DNS servers, the DNS servers suggested by the app are Google's public DNS servers)
-- Touch the back softkey or button of your phone
- Touch "Authentication/Encryption"
-- Uncheck Expect TLS server certificate
-- Touch the back softkey or button of your phone twice to return to the app's Profiles overview page
- Touch your profile's name to connect (the icon with the sliders on the right allows to edit the profile)
- You should now have a working VPN connection to your Diskstation!

Return to “VPN Server”

Who is online

Users browsing this forum: No registered users and 5 guests