Synology NAS - Download Station - L2TP/IPSEC Setup HOWTO

bgp179bgp179
edited January 2016 in VPN Setup Support
I have had many issues setting up my Synology NAS DS214 (running the latest DSM 5.2-5644 build) with an L2TP/IPSEC VPN connection to PIA and using Download Station.  I would get it to connect for 60 seconds, then it would drop.  I could get OpenVPN to connect, but Download Station wouldn't work.  So after a lot of tinkering around, I was able to get it all to work, here's what I did.

1.  Under Network -> General - Manually specify DNS Servers (8.8.8.8, 75.75.75.75, or whatever is your favorite).  Under Advanced settings, make sure "Use multiple gateways" is checked.

2.  Under Network -> Static Route - Create a static route for your local LAN(s) and point it to your default gateway (i.e. - If your router gives out 192.168.1.x addresses, then most likely you would set up a static route for 192.168.1.0 255.255.255.0, the gateway would be 192.168.1.1 and the interface would be LAN.

3.  Create another static route for your DNS server (in the example above, the static route would be 8.8.8.8 255.255.255.255 and the gateway would be your local router and the LAN interface).

4. Now create your VPN connection.  
- VPN type is L2TP/IPSEC
- server address:  Has to be the IP Address of your fav PIA server,  not a hostname.  Just open a command prompt and type ping us-east.privateinternetaccess.com and record the IP address.  
- the username/password is NOT your normal PIA login.  It is a SOCKS/PPTP/L2TP username.  Under Client Control Panel, scroll down to "PPTP/L2TP/SOCKS Username and Password) and either generate one or use the one's listed.
The username will begin with an "x", not a "p".
- the pre-shared key is "mysafety"
- click "Next"
- Then check the boxes "Use the default gateway on remote network", "Server is behind NAT" and also "Reconnect if lost"
- click "Ok"

5. Then highlight your VPN connection and hit "Connect".  It should connect and stay connected.  Make sure the sent and received bytes is incrementing and you should be good to go!

Comments

  • steveemixxsteveemixx
    Hello bgp179,
    I recently became a customer of PIA and I also have a Synology NAS (1515+)
    I have a novice question, I downloaded the PIA software onto my HP laptop, and my iPhone5.  Do I need to find the right file (packet) to load on the NAS  or would it work with the install I did on the HP laptop and just by following the instructions you give above?

    Do I need to run and install anything through the Synology "VPN Server" package that I installed, or is that useless for using the PIA solution?  Please let me know if I'm not being clear, if you could help that would be great, if not please direct me to the correct person/website.  Thanks!

  • steveemixxsteveemixx
    bgp179,
    Does it help if I mention that I have my NAS wired directly into my router and I do have VPN passthrough enabled in my Cisco router settings. 
  • bgp179bgp179
    The Synology (at least mine) doesn't have the ability to install packages.  They have network connections that you setup in the control panel.  Here is where I configured mine.  Does that help?
  • steveemixxsteveemixx
    Thanks for getting back to me, your comments are helpful. I am able to run and connect the PIA VPN but get " no results" when trying to use the download station. When I turn the VPN off, I get results. I am showing your instructions to a network administrators that I know who will be able to help me get it set up right. I don't want to mess around too much, I end up locking myself out of the interface (easy enough to fix but such an amateur thing to happen). I don't want to leave the VPN running all the time, only when I use the download station, thanks for your help, I'm sure I will get it to work soon enough. It is so easy to run the service (VPN) on my iPhone, iPad and laptop...I'm surprised it's so difficult to get it to work properly through the NAS. Thanks again!
  • SjonnieSjonnie
    Hi bgp179,

    Excellent guide you´ ve written =D>

    I have just successfully created the VPN on my Synology and it has been up and running for over a quarter of an hour. :-)

    Kudos!
  • wixvwwixvw
    Thanks you so much that worked on DSM6 ! Have a nice day.
  • peonuserpeonuser
    Thanks for the write-up, friend! It got me going on my DS210j running DSM 5.2-5967.
  • MennoMenno
    Steveemixx, have you solved the problem? Exactly the same problem here ...
  • SjonnieSjonnie
    I had some problems reconnecting to PIA today from my Synology. Rebooted the device to no avail :(

    Had to delete the connection and create a new one. This did the job.

    Might have been caused by the latest security update. Might be that a byte has gone on holiday. I don't know...

    If you run in to problems just try to delete the current connection and create a new one.

    HTH

    Greetz,

    Sjonnie
  • jimmymcmahonjimmymcmahon
    Thanks very much for the instructions bgp169.

    I have successfully set up my Synology NAS PIA connection.

    I SSH'ed into my NAS and ran the command
    curl -4 icanhazip.com to check that my IP address had changed to that of the VPN server, which it did.

    I then ran 
    curl -6 icanhazip.com and it returned an ipv6 address.  I disconnected from the VPN server and ran the same curl -6 icanhazip.com command again and I found that the address returned was exactly the same?

    Is this expected behaviour as I am concerned that I may be leaking my real IP.

    I have tried multiple VPN connections using a server in the UK and France and each time, the ipv4 address changes as expected however the ipv6 address remains the same.

    Any help would be much appreciated.
    Many thanks in advance
Sign In or Register to comment.