Activate OpenVPN Client on a Synology with DSM 4.0 with Certificates: Unterschied zwischen den Versionen
Aus Markus' Wiki
Markus (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „Synology DSM 4.0 upwards brings along an OpenVPN client. It supports authentication by login credentials. However when you operate with certificates, things co…“) |
(kein Unterschied)
|
Version vom 19. Februar 2013, 00:23 Uhr
Synology DSM 4.0 upwards brings along an OpenVPN client. It supports authentication by login credentials. However when you operate with certificates, things come a little complicated. I found this solution:
- Create a dummy client profile. Pick an arbitrary user and an arbitrary password. Upload your ca.crt
- Then activate SSH on the Synology
- Then ssh into it as root (with the admin password)
- cd int the following directory:
/usr/syno/etc/synovpnclient/openvpn
- create a directory to hold your keys
/usr/syno/etc/synovpnclient/openvpn/keys
- edit the file named "client_xxxxxxxxx" to look like this:
client dev tun remote (your OpenVPN server) (port) proto tcp-client tls-client remote-cert-tls server ca (your previously uploaded ca.crt - Watch out, is has a different file name! ca_oxxxxxxxxxxx.crt) cert keys/your_client's.crt key keys/your_client's.key script-security 2 #reneg-sec 0 #plugin /lib/openvpn/openvpn-down-root.so /etc/ppp/ip-down comp-lzo cipher (the one you are using on your OpenVPN server) tls-cipher (the one you are using on your OpenVPN server)
- This is just a sample, and you must make sure to consider the server settings.
- Then go to the DSM's web configuration gui and click on "connect"
