Nas cannot connect through PIA OpenVPN DD-Wrt router

Briar

Tried everything I can think of..... but to be honest knowledge is limited to consumer level.

Synology NAS connects fine until I enable the OpenVPN client in my router.

Once I do, everything else seems to work fine but the NAS. The wrt3200 is giving me the best vpn speeds of any router I've ever owned.

Little to know decrease in download speeds.

I can surf the net, torrent works fine, vpn all appears to work fine, but no NAS while the vpn client is enabled.

It is configured exactly as PIA instructions say

I have tried forwarding all the required ports, I have also tried using port forwarding ranges... still no good.

I also tried enabling upnp to see if that would work, it didn't make any difference.

fwiw, all pass throughs are enabled

Any advice is appreciated.

PIA openVPN client

Synology NAS

WRT3200ACM Router with DD-WRT firmware (latest version)

Omnibus_IV

So the NAS is just your harddrive that is connected to the router? Is that correct? If that is so, then the NAS is getting a DHCP address from the router. Since the VPN is active, that DNCP address is not in the route table on the secured side of things, basically the tunnel. I would setup on my local machine a route to the NAS with a gateway of the routers. An example.

Say the NAS is 192.168.1.100. Say that the router is 192.168.1.1. Say that your local machine is 192.168.1.140. Set up a route from a Admin level CMP Prompt like this...


route add 192.168.1.100 mask 255.255.255.255 192.168.1.1

What you are telling the local machine and the route that anything addressed for 192.168.1.100 will bypass all other routes and go directly to 192.16.1.1. Since the router knows everyone connected to it via ARP, it will know how to get to the NAS.

I would make the NAS a static address if you can. To test, ping the NAS without the VPN. Then after activating the VPN, ping again. It should work.

Briar

Omni,

Thank you for the response. The Synology NAS is a raid unit with its own operating system.

I do have static leases for it. I tried one of my older routers just as a test and it doesn't change anything.

The only error I see when I tried to use the NAS' "easy internet" feature that is supposed to make everything play nice.

It comes back with an error that there are now multiple routers detected and I need to contact my isp or put my router in bridge mode.

Briar

Omnibus_IV

At this juncture it is not important that the NAS is a RAID with it's own OS. It is a device that has Ethernet capability and must follow the rules for the various protocols used over UDP or TCP. What were the results of the ping test? If without VPN it worked but with VPN your got a Request Timeout, then there is the issue.

I still think it is a routing issue. If you cannot touch the NAS and the NAS cannot access anything else then there is an issue on how the packets are moving around. Every packet has a source and destination address. The gateway for your NAS is the router. I don't know what OS the NAS is using.

An example is this. Not sure of your level of understanding IP so this is not intended to lecture.

On my local machine without VPN running my route table shows
0.0.0.0. mask 0.0.0.0. 192.168.1.1
This is saying route all IP on this network to gateway 192.168.1.1 which is my router. If a packet is going to a local machine then it stays in the network

On my local machine with VPN running my route table changes and shows
0.0.0.0 mask 128.0.0.0 10.x.y.z
This is saying route all packets on this network to gateway PIA Server

So when VPN is running on my machine I cannot talk to anything locally, my printer, another computer, or even my modem. I must establish a route that say if an IP matches a device that is IN MY NETWORK (meaning connected to my router either hard or wiri) then send it to the 192.168.1.1 gateway.

There could be something else and you might check with the forum at Synology to see if they might have an explanation. And I could be wrong. If I am then I will learn something about NAS and VPN routers.