Im having trouble settting up a stabil vpn connection on my Synology nas. Basically, im not sure which of the setup guides to use, for the best result. What would you do ?
Hi @micros, thank you for choosing Private Internet Access™. We really appreciate your business and would be happy to assist you with the setup of your Synology NAS device to connect to the Private Internet Access™ VPN network.
To begin, I have taken a look at the Synology NAS knowledgebase and have found a document describing support for PPTP and OpenVPN based VPN solutions. We support both PPTP and OpenVPN.
PPTP is generally considered less secure due to the simplistic nature of its password based encryption which can be broken for as little as $15 by cracking firms. That being said, depending on your use case, PPTP can still be considered a viable solution. In other words, if your use for Private Internet Access™ is for the benefit of a strong encrypted tunnel so that you cannot be subject to any man in the middle attacks or data snooping attacks, then OpenVPN should be used. However, if you are simply utilizing PPTP to mask your IP address or change the region in which your Synology NAS device's internet traffic originates from, then that should, in general, be ok.
If you choose to use OpenVPN, please download the ca.crt which is found inside https://www.privateinternetaccess.com/openvpn/openvpn.zip. From there, you should be able to follow the instructions found on the above knowledgebase article from Synology (above).
Hope this helps you. Thank you for your patience, and once again we really appreciate your business. If you require further assistance, please be feel free to follow up here. Thanks, @micros!
It is a difficult subject. NAS setups rarely can use DDNS (Dynamic Domain Name Servers) and that is what is needed to assign an addressable IP to your NAS.
No-one is ignoring you, but people are generally loathe to give the bad news that there may be nothing that can be done about it.
If you want some suggestions that may lead you in the right direction, you first need a DDNS service of some sort. And a means for your NAS to use it and announce itself to your system. Without that it may well be impossible.
After that, check that your NAS is not trying to use IPv6. The VPN only uses IPv4 because upwards of 90% of the entire Internet uses it, and IPv6 has a number of security problems that have still not been fixed. (And may never be at this rate.)
*Edit* Ninja'ed by KYJelly. He may be onto something there too.
When i try to download with my usenetprovider on europe.newsdemon.com i get 50% of my speed (6 mb/s, without VPN 13 mb/s) and a lot of connection reset by peers in nzbget. I don't have this problem when i download trough my PC with the PIA-app running...
Hello, I'm trying too to set up PIA on my Synology nas. But the tutorial above is not accessible anymore. Anyone know where I can find a working one ? Thanks,
Hello! I'm sorry to hear of the issues you're experiencing. Could I trouble you to email [email protected] or fill out our Submit Ticket form on http://support.privateinternetaccess.com so we can troubleshoot this issue further and try to resolve it for you via troubleshooting?
You can also contact our live chat support by going to our website http://privateinternetaccess.com and clicking on the "Click Here To Chat" button on the bottom right. This will put you in touch with one of our live support agents at any time, 24/7.
Hello,
I signed up to PIA and could not get OpenVPN to work. Fortunately i was able to cancel the same day but unfortunately I did not have enough time to troubleshoot the issue.
Has anyone been able to get this to work on OpenVPN?
Use the Certification file from the zip file as CA Certificate
Open the ovpn file that you want to get information from in notepad
Copy proto from line 3 into Protocol (most liklely UDP)
Copy server address from line 4
Copy port number from line 4 (there is a space between address and port in the notepad file be sure to only take first part for adress and second part for port)
Continue to next page and check all the checkmarks and you are done.
Unfortunately it also does not work for me. Same problem as snoltens
Connection (as specified by emo) seems to be succesful, but the download-program or sabnzbd cannot access.
Is there anyway to test the outside connection (there is no browser available on the NAS)?
Edit: response form PIA customer service:
"I apologise, we do not support using the VPN on a NAS device. Sorry for any inconvenience this may cause."
Edit2: tried with PPTP and thats works fine.
You shouldent have any problems if you follow my guide to the letter, do not auto create or anything you need to manually enter the values. If you do that it should work fine, i've just done another one today without any problems
Hi emo, thanks for the guide. I have got it to work however did you or anyone figure out how to keep the ability to remote into your NAS from outside the network once the VPN is enabled as it seems to prevent the abcde.synology.me address from working.
Hey Folks,
I do use PIA on my MacBook.
I have Synology DS216j NAS.
Currently I use PIA on MacBook and direct download to NAS.
Question: what is the advantage to install and use PIA directly on NAS using Download Station?
Maybe I should simply continue to use it from Mac?
In case you'd advise to use it from Synology... should I expect that instruction written by 'emo' would work in my case?
Thanks for any opinion.
I tried to establish connection using 'emo' instructions . I've got error: connection failed. Please check your network settings or another error: Failed to establish network connection. Could someone help? Thanks
Hi emo, thanks for the guide. I have got it to work however did you or anyone figure out how to keep the ability to remote into your NAS from outside the network once the VPN is enabled as it seems to prevent the abcde.synology.me address from working.
Cheers
Hi Jim,
Try using Quickconnect. In that way you can connect from the outside to your NAS while using a outbound VPN-connection on the inside.
Hey Folks, I do use PIA on my MacBook. I have Synology DS216j NAS. Currently I use PIA on MacBook and direct download to NAS. Question: what is the advantage to install and use PIA directly on NAS using Download Station? Maybe I should simply continue to use it from Mac? In case you'd advise to use it from Synology... should I expect that instruction written by 'emo' would work in my case? Thanks for any opinion.
The advantage to install and use PIA directly on the NAS is the fact that your NAS will be switched on permanently (well, very likely) and your laptop is probably not.
I tried to establish connection using 'emo' instructions . I've got error: connection failed. Please check your network settings or another error: Failed to establish network connection. Could someone help? Thanks
Could you create a new connection and post the settings as text here?
I tried to establish connection using 'emo' instructions . I've got error: connection failed. Please check your network settings or another error: Failed to establish network connection. Could someone help? Thanks
Could you create a new connection and post the settings as text here?
Hello Frans, Sounds that I hit the wall because I tried all possible combinations and it still does not work. As you suggested I created a new Profile with this settings: 1. OpenVPN 2. Profile name: myVPN; server address - us-east.privateinternetaccess.com; user name - p1453619; password ...; port - 1198; protocol - UDP; CA Certificate - ca.rsa.2048.crt which I took from https://www.privateinternetaccess.com/openvpn/openvpn.zip; on Advance settings I left only default selected box - Enable compression on the VPN link 3. click Apply 4. click Connect 5. Got error message: Failed to establish network connection. Authorization Required ..
Not sure what else I could do ... I'm clueless why it does not work for me ... Any help would be appreciated ..
I tried to establish connection using 'emo' instructions . I've got error: connection failed. Please check your network settings or another error: Failed to establish network connection. Could someone help? Thanks
Could you create a new connection and post the settings as text here?
Hello Frans, Sounds that I hit the wall because I tried all possible combinations and it still does not work. As you suggested I created a new Profile with this settings: 1. OpenVPN 2. Profile name: myVPN; server address - us-east.privateinternetaccess.com; user name - p1453619; password ...; port - 1198; protocol - UDP; CA Certificate - ca.rsa.2048.crt which I took from https://www.privateinternetaccess.com/openvpn/openvpn.zip; on Advance settings I left only default selected box - Enable compression on the VPN link 3. click Apply 4. click Connect 5. Got error message: Failed to establish network connection. Authorization Required ..
Not sure what else I could do ... I'm clueless why it does not work for me ... Any help would be appreciated ..
That advanced setting option leads me to believe you aren't using the correct OpenVPN option, but I could be wrong. Make sure you're using the FIRST OpenVPN option - without importing the .OVPN file and see if that works.
Otherwise, I'd say it may be your password or username are incorrect. I got it up and running just fine using emo's guide and have been able to connect externally using QuickConnect as well as download files from my phone via DSGet and access my files, notes, etc,. Peak speeds are attained and I love this. Thank you so much @emo
Hi emo, thanks for the guide. I have got it to work however did you or anyone figure out how to keep the ability to remote into your NAS from outside the network once the VPN is enabled as it seems to prevent the abcde.synology.me address from working.
Cheers
Hi Jim,
Try using Quickconnect. In that way you can connect from the outside to your NAS while using a outbound VPN-connection on the inside.
I tried to establish connection using 'emo' instructions . I've got error: connection failed. Please check your network settings or another error: Failed to establish network connection. Could someone help? Thanks
Could you create a new connection and post the settings as text here?
Hello Frans, Sounds that I hit the wall because I tried all possible combinations and it still does not work. As you suggested I created a new Profile with this settings: 1. OpenVPN 2. Profile name: myVPN; server address - us-east.privateinternetaccess.com; user name - p1453619; password ...; port - 1198; protocol - UDP; CA Certificate - ca.rsa.2048.crt which I took from https://www.privateinternetaccess.com/openvpn/openvpn.zip; on Advance settings I left only default selected box - Enable compression on the VPN link 3. click Apply 4. click Connect 5. Got error message: Failed to establish network connection. Authorization Required ..
Not sure what else I could do ... I'm clueless why it does not work for me ... Any help would be appreciated ..
That advanced setting option leads me to believe you aren't using the correct OpenVPN option, but I could be wrong. Make sure you're using the FIRST OpenVPN option - without importing the .OVPN file and see if that works.
Otherwise, I'd say it may be your password or username are incorrect. I got it up and running just fine using emo's guide and have been able to connect externally using QuickConnect as well as download files from my phone via DSGet and access my files, notes, etc,. Peak speeds are attained and I love this. Thank you so much @emo
You can't use PIA OpenVPN (or other provider) on DSM 5.x without modifying the configuration files generated by DSM menu (it works for PPTP with menu but can't have it stable). But it's fully functional on DSM 6.x just by DSM menu.
After a lot of trial and error, let me share what I've found. I've actually gotten OpenVPN PIA connections working from my Synology DS1515+, currently running DSM 6.1.3-15152 Update 3, using both the manual-configuration and ovpn-import techniques. During many attempts, I would experience the same connected-but-no-data behavior that others have described, and what I've found is that either of two things cause this:
1. The "Enable compression on the VPN link" option must be checked (shouldn't be a problem for the import method, as the corresponding "comp-lzo" option in the ovpn profile is present). @emo did mention checking all the checkmarks, but this is worth calling out as specifically actually being required by the PIA server.
2. (and this is the weird one) At least in my case, on many boots of the system, the openvpn connections will not work until I execute the command "modprobe tun" as root/admin from the command line. This loads the TUN/TAP kernel module that is needed by the OpenVPN client. What's strange as that occasionally, I'll have a boot where I don't have to do that. There's no harm in executing the command unnecessarily, though. The other strange thing (for other Linux folks out there), is that the /dev/net/tun device node is always present, which on a modern udev-based system like this would normally indicate that the tun module is already loaded. But for some reason, it still doesn't work until I've run that command. Additional tip: I haven't tried this, but it would likely work if you go to Task Scheduler in the CP and add a "Triggered Task" to run "modprobe tun" as root at boot-up so you don't have to do it manually.
For me, as long as both of these conditions were met, the connection works every time, regardless of which way the profile was created. I hope this helps somebody. And btw, don't miss changing the port number if configuring manually.
After a lot of trial and error, let me share what I've found. I've actually gotten OpenVPN PIA connections working from my Synology DS1515+, currently running DSM 6.1.3-15152 Update 3, using both the manual-configuration and ovpn-import techniques. During many attempts, I would experience the same connected-but-no-data behavior that others have described, and what I've found is that either of two things cause this:
1. The "Enable compression on the VPN link" option must be checked (shouldn't be a problem for the import method, as the corresponding "comp-lzo" option in the ovpn profile is present). @emo did mention checking all the checkmarks, but this is worth calling out as specifically actually being required by the PIA server.
2. (and this is the weird one) At least in my case, on many boots of the system, the openvpn connections will not work until I execute the command "modprobe tun" as root/admin from the command line. This loads the TUN/TAP kernel module that is needed by the OpenVPN client. What's strange as that occasionally, I'll have a boot where I don't have to do that. There's no harm in executing the command unnecessarily, though. The other strange thing (for other Linux folks out there), is that the /dev/net/tun device node is always present, which on a modern udev-based system like this would normally indicate that the tun module is already loaded. But for some reason, it still doesn't work until I've run that command. Additional tip: I haven't tried this, but it would likely work if you go to Task Scheduler in the CP and add a "Triggered Task" to run "modprobe tun" as root at boot-up so you don't have to do it manually.
For me, as long as both of these conditions were met, the connection works every time, regardless of which way the profile was created. I hope this helps somebody. And btw, don't miss changing the port number if configuring manually.
Hi,
I used to have openvpn with PIA configured on my Synology DSM before successfully (even using the Strong encryption method using the import method), although every now and then there would not be any connection, e.g. when trying to update DSM version, it would fail to connect to the internet. A simple disconnect/connect of the vpn usually soved this problem.
This week I installed a new Netgear router because I want to control all traffic going through the VPN UDP 1198 and when VPN connection is down, it should not access the internet using my real IP.
I'm now running into a weird problem that the PIA openvpn connection can connect, but nothing can access the internet. I thought it was due to the configuration in my router blocking everything coming from the NAS IP, so I disabled the blocking in the router again. Still no connection to the internet from the NAS. When I disable the VPN connection in Synology, it can access the internet.
I have updated DSM to version 6.1.3-15152 Update 4, but this doens't solve the problem.
None of these seem to work for me now. Also not after running the "modprobe tun" command as root.
Seems I'm no longer able to get PIA working whereas before it was still working ok apart from the connection drop every now and then. Any idea what can be wrong here?
Comments
No-one is ignoring you, but people are generally loathe to give the bad news that there may be nothing that can be done about it.
If you want some suggestions that may lead you in the right direction, you first need a DDNS service of some sort. And a means for your NAS to use it and announce itself to your system. Without that it may well be impossible.
After that, check that your NAS is not trying to use IPv6. The VPN only uses IPv4 because upwards of 90% of the entire Internet uses it, and IPv6 has a number of security problems that have still not been fixed. (And may never be at this rate.)
*Edit* Ninja'ed by KYJelly. He may be onto something there too.
I succesfully set up an OpenVPN connection to PIA using DSM 5 on my Synology trough https://www.synology.com/en-uk/knowledgebase/tutorials/523
When i try to download with my usenetprovider on europe.newsdemon.com i get 50% of my speed (6 mb/s, without VPN 13 mb/s) and a lot of connection reset by peers in nzbget. I don't have this problem when i download trough my PC with the PIA-app running...
HELP!
I'm trying too to set up PIA on my Synology nas. But the tutorial above is not accessible anymore.
Anyone know where I can find a working one ?
Thanks,
You can also contact our live chat support by going to our website http://privateinternetaccess.com and clicking on the "Click Here To Chat" button on the bottom right. This will put you in touch with one of our live support agents at any time, 24/7.
I signed up to PIA and could not get OpenVPN to work. Fortunately i was able to cancel the same day but unfortunately I did not have enough time to troubleshoot the issue.
Has anyone been able to get this to work on OpenVPN?
THANKS
Bhups
Here's a step by step guide.
@emo and others.
Unfortunately it also does not work for me. Same problem as snoltens
Connection (as specified by emo) seems to be succesful, but the download-program or sabnzbd cannot access.
Is there anyway to test the outside connection (there is no browser available on the NAS)?
Edit: response form PIA customer service:
"I apologise, we do not support using the VPN on a NAS device. Sorry for any inconvenience this may cause."
Edit2: tried with PPTP and thats works fine.
Cheers
I do use PIA on my MacBook.
I have Synology DS216j NAS.
Currently I use PIA on MacBook and direct download to NAS.
Question: what is the advantage to install and use PIA directly on NAS using Download Station?
Maybe I should simply continue to use it from Mac?
In case you'd advise to use it from Synology... should I expect that instruction written by 'emo' would work in my case?
Thanks for any opinion.
I've got error: connection failed. Please check your network settings
or another error:
Failed to establish network connection.
Could someone help?
Thanks
Try using Quickconnect. In that way you can connect from the outside to your NAS while using a outbound VPN-connection on the inside.
I do use PIA on my MacBook.
I have Synology DS216j NAS.
Currently I use PIA on MacBook and direct download to NAS.
Question: what is the advantage to install and use PIA directly on NAS using Download Station?
Maybe I should simply continue to use it from Mac?
In case you'd advise to use it from Synology... should I expect that instruction written by 'emo' would work in my case?
Thanks for any opinion.
The advantage to install and use PIA directly on the NAS is the fact that your NAS will be switched on permanently (well, very likely) and your laptop is probably not.
The instructions by 'emo' worked fine with me!
Could you create a new connection and post the settings as text here?
As you suggested I created a new Profile with this settings:
1. OpenVPN
2. Profile name: myVPN; server address - us-east.privateinternetaccess.com; user name - p1453619; password ...; port - 1198; protocol - UDP; CA Certificate - ca.rsa.2048.crt which I took from https://www.privateinternetaccess.com/openvpn/openvpn.zip; on Advance settings I left only default selected box - Enable compression on the VPN link
3. click Apply
4. click Connect
5. Got error message: Failed to establish network connection. Authorization Required ..
Not sure what else I could do ... I'm clueless why it does not work for me ...
Any help would be appreciated ..
Otherwise, I'd say it may be your password or username are incorrect. I got it up and running just fine using emo's guide and have been able to connect externally using QuickConnect as well as download files from my phone via DSGet and access my files, notes, etc,. Peak speeds are attained and I love this. Thank you so much @emo
1. The "Enable compression on the VPN link" option must be checked (shouldn't be a problem for the import method, as the corresponding "comp-lzo" option in the ovpn profile is present). @emo did mention checking all the checkmarks, but this is worth calling out as specifically actually being required by the PIA server.
2. (and this is the weird one) At least in my case, on many boots of the system, the openvpn connections will not work until I execute the command "modprobe tun" as root/admin from the command line. This loads the TUN/TAP kernel module that is needed by the OpenVPN client. What's strange as that occasionally, I'll have a boot where I don't have to do that. There's no harm in executing the command unnecessarily, though. The other strange thing (for other Linux folks out there), is that the /dev/net/tun device node is always present, which on a modern udev-based system like this would normally indicate that the tun module is already loaded. But for some reason, it still doesn't work until I've run that command. Additional tip: I haven't tried this, but it would likely work if you go to Task Scheduler in the CP and add a "Triggered Task" to run "modprobe tun" as root at boot-up so you don't have to do it manually.
For me, as long as both of these conditions were met, the connection works every time, regardless of which way the profile was created. I hope this helps somebody. And btw, don't miss changing the port number if configuring manually.
I used to have openvpn with PIA configured on my Synology DSM before successfully (even using the Strong encryption method using the import method), although every now and then there would not be any connection, e.g. when trying to update DSM version, it would fail to connect to the internet. A simple disconnect/connect of the vpn usually soved this problem.
This week I installed a new Netgear router because I want to control all traffic going through the VPN UDP 1198 and when VPN connection is down, it should not access the internet using my real IP.
I'm now running into a weird problem that the PIA openvpn connection can connect, but nothing can access the internet. I thought it was due to the configuration in my router blocking everything coming from the NAS IP, so I disabled the blocking in the router again. Still no connection to the internet from the NAS. When I disable the VPN connection in Synology, it can access the internet.
I have updated DSM to version 6.1.3-15152 Update 4, but this doens't solve the problem.
I've also tried removing all VPN configurations and configure them from scratch using both manual configuration as well as the importing method. I tried all of the files from:
https://nld.privateinternetaccess.com/openvpn/openvpn.zip
https://nld.privateinternetaccess.com/openvpn/openvpn-strong.zip
as well as the more restrictive ssl configs:
https://nld.privateinternetaccess.com/openvpn/openvpn-ip.zip
https://nld.privateinternetaccess.com/openvpn/openvpn-tcp.zip
https://nld.privateinternetaccess.com/openvpn/openvpn-strong-tcp.zip
None of these seem to work for me now. Also not after running the "modprobe tun" command as root.
Seems I'm no longer able to get PIA working whereas before it was still working ok apart from the connection drop every now and then. Any idea what can be wrong here?