NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Setting up login credentials for OPEN VPN
Hello,
I have a Nighthawk R7000 rooter with a default OS (which I can't change).
I have for several years activated the vpn service with open vpn which works very well.
However, I'd like to increase security to connect to my rooter (and therefore to the connected nas server): set up a login and password connection.
Is there a (simple) solution for this type of connection via open vpn?
Is it possible to give rights to certain identifiers or remove them?
I'd like to stop distributing the identification key, but to grant connection rights.
Thank you in advance for your reply.
Translated with DeepL.com (free version)
Needless to say you need to configure the port forwarding on your router to the Syno LAN IP address
Voila https://kb.synology.com/fr-fr/DSM/help/VPNCenter/vpn_setup?version=7#b_17
Here a very old OpenVPN Client Syno config example (no guarantee):
==========
dev tun
tls-clientremote XXXXXXXX.synology.me 1194
# The "float" tells OpenVPN to accept authenticated packets from any address,
# not only the address which was specified in the --remote option.
# This is useful when you are connecting to a peer which holds a dynamic address
# such as a dial-in user or DHCP client.
# (Please refer to the manual of OpenVPN for more information.)#float
# If redirect-gateway is enabled, the client will redirect it's
# default network gateway through the VPN.
# It means the VPN connection will firstly connect to the VPN Server
# and then to the internet.
# (Please refer to the manual of OpenVPN for more information.)#redirect-gateway def1
# dhcp-option DNS: To set primary domain name server address.
# Repeat this option to set secondary DNS server addresses.#dhcp-option DNS DNS_IP_ADDRESS
pull
# If you want to connect by Server's IPv6 address, you should use
# "proto udp6" in UDP mode or "proto tcp6-client" in TCP mode
proto udpscript-security 2
comp-lzo
reneg-sec 0
cipher BF-CBC
auth SHA1
auth-user-pass
<ca>
-----BEGIN CERTIFICATE-----
MIIDTTCCAragAwIBAgIJAOQ2welR+cy6MA0GCSqGSIb3DQEBCwUAMIGnMQswCQYD
xxx-----END CERTIFICATE-----
</ca>==========
Bonne chance!
Please note: This was never adopted to the "newer" (modern) OpenVPN standard, however it's still workable:
9 Replies
ADOZ2AD wrote:Hello,
I have a Nighthawk R7000 rooter with a default OS (which I can't change).
I have for several years activated the vpn service with open vpn which works very well.
However, I'd like to increase security to connect to my rooter (and therefore to the connected nas server): set up a login and password connection.
Is there a (simple) solution for this type of connection via open vpn?
Is it possible to give rights to certain identifiers or remove them?
I'd like to stop distributing the identification key, but to grant connection rights.Thank you in advance for your reply.
Translated with DeepL.com (free version)
A couple of resource links that could help you find answers.
https://www.snbforums.com/forums/vpn.12/
The people behind your NAS and its OS may also have useful things to say.
I've come to ask for help here because I use the basic netgear os and the basic openvpn vpn option.
