G+_Kevin Gonzalez Posted October 6, 2018 Share Posted October 6, 2018 I can't seem to find help online for this issue.... When I connect my Synology (718+) to my VPN service (PIA) I can no longer connect using my synology.me domain name. Consequently, the users with access to Drive files are no longer able to connect. Is there a way to keep these domain links resolving to my NAS even with the VPN service enabled? Also, for some reason I can not download files to download station or transmission but suspect that to be a firewall or port issue that I need to look further into for resolution. Any help is appreciated. Thanks. Link to comment Share on other sites More sharing options...
G+_George Fromtulsa Posted October 6, 2018 Share Posted October 6, 2018 When you're connected to a VPN your Internet point of entry is at-through a VPN provider's gateway. The usual expectation is you, through a browser, "call" a URL which the VPN software and host can resolve back to your system. That's different than an outside third party accessing a VPN to send data to an upstream user. For one thing, there's no way to predict your VPN point of entry. Chicago? Chattanooga? Cairo? What you want to do is possible. My wife worked remotely for HAL. Her laptop phoned home to HAL over the Internet over a VPN. Once the encrypted VPN was connected, she could then login to HAL's systems with imperceptible performance degradation vs. direct connections at a HAL office. Not a consumer grade setup. In many ways Synology's QuickConnect is similar to the HAL setup. Synology provides a switchboard that its local software enables "outside users" to find your NAS and securely connect. I used the setting on my 718+ that forces direct data path only rather than passing data through Synology servers if a direct connection can't be made. Link to comment Share on other sites More sharing options...
G+_Marco van Laerhoven Posted October 7, 2018 Share Posted October 7, 2018 Have you checked the IP address of the NAS ? Usually, when you connect it to the VPN the IP address changes to be local to the "virtual network" you're connecting to. I think PIA will assign it a 10.x.x.x address. The default setup is to route all traffic through the VPN - effectively disabling the original network settings You should be able to add a route to the routing table to also route through the synology.me Link to comment Share on other sites More sharing options...
G+_Kevin Gonzalez Posted October 9, 2018 Author Share Posted October 9, 2018 thank you both...i will continue work on it. In the meantime, I still cannot get the standard install of Download Station or Transmission to download anything correctly......does anyone have any thoughts? Running the latest versions. Link to comment Share on other sites More sharing options...
G+_George Fromtulsa Posted October 9, 2018 Share Posted October 9, 2018 I am able to access NAS through the DSM interface remotely over Quick Connect as if it were on the desk next to me. Can upload and download files. The Quick Connect story is no ports need be opened. Not so, it turns out, for PhotoStation and HyperBackup. I used the tool which requires UPnP last night to open the ports for both. Reluctantly. And will test remote today. I do have two factor authentication on. What seems aparent at the PR level, or even at the superficial tutorial level, becomes confoundingly complicated IRL. Link to comment Share on other sites More sharing options...
G+_George Fromtulsa Posted October 9, 2018 Share Posted October 9, 2018 Kevin Gonzalez So worked like a charm, but I sure don't like having UPnP and open ports to do a HyperBackup. Link to comment Share on other sites More sharing options...
G+_Kevin Gonzalez Posted October 11, 2018 Author Share Posted October 11, 2018 George Fromtulsa The problem is - when VPN is connected to PIA, Quickconnect no longer works. It is essentially the same as synology.me in that it doesn't route to new IP assigned by PIA.... Link to comment Share on other sites More sharing options...
G+_George Fromtulsa Posted October 11, 2018 Share Posted October 11, 2018 Kevin Gonzalez I think Quickconnect is equivalent to a VPN. If all works like it should, your QC is 100% encrypted end to end, unless you run data through Synology servers, and Synology says even though they could be a man in the middle, they don't. Link to comment Share on other sites More sharing options...
G+_Kevin Gonzalez Posted October 12, 2018 Author Share Posted October 12, 2018 George Fromtulsa It's not the connection TO the NAS I'm using the VPN connection. It's any external NAS connections used for various packages etc. I can connect via secure connection with Quick connect or the VPN server package but when I'm connecting to other servers with the NAS I want the VPN running....that's when other inbound connections fail. Link to comment Share on other sites More sharing options...
G+_George Fromtulsa Posted October 12, 2018 Share Posted October 12, 2018 Kevin Gonzalez I'm pretty sure there's no security advantage from your NAS passing through PIA VPN out to the net because when it exits PIA onto the general internet, your signal is in the same status as when it leaves your home router. If your NAS is connecting to external servers, it isn't any more secure entering the Internet at a PIA connection point than entering the 'net at your own home. Either you have an encrypted tunnel NAS to Server, in which case you're as safe as it is possible to be. If you don't, you may be "safer" from the "leg" from your house through PIA VPN, but there's no gain if your signal exits PIA unencrypted. Setting your NAS up to "intake" outside connections, say from you at Starbies, over a VPN insures your signal is encrypted end to end. But that requires setting up your own VPN from your laptop home to the NAS. Then anyone external with the VPN setup and your NAS login passwords can connect securely. Link to comment Share on other sites More sharing options...
Recommended Posts