Recommended Posts

I purchased an older Synology DSxxx unit and intend to use Quickconnect for accessing it. I plan to use it for off-site backup of my Xpenology unit. So my Xpenology unit would query Quickconnect to find the real Synology unit

Would there be any issues or advices against doing so? 

Share this post


Link to post
Share on other sites

Hm in matters of legal things - not really a problem. But you would use Synology’s relay service. I found it rather slower than a direct VPN connection. I have 4 real Synology boxes (211, 1019, 3615 and a RS3617RPxs) on three different locations. I received fastest rsync and HyperBackup speeds with site to site IPSec (pfSense <> pfSense and OPNSense <> OPNSense routers), followed by OpenVPN connections (one OpenVPN on a SoftEther server, second one on a Synology VPN server while SoftEther was slightly faster). Compared to site to site QuickConnect dropped around 25-30% in speed.

Share this post


Link to post
Share on other sites

Thanks for the feedback. I am not very familiar with the way QC works, I expected it to be a DDNS solution, but now understand it to be a gateway. Probably not going to use it, knowing this. I want to backup 2 Xpenology units to 1 off-site unit. VPN is via one of these Xpenology units. This I can get working, but having the second one use this VPN connection as well seems to be too complex for me. 😣

Share this post


Link to post
Share on other sites
Posted (edited)

It's not a rocket science using VPN on both XPEnologys for this.

 

Setup would be in short:

 

- create or register a DDNS on your router on the "backup location" (if it's not capable of DDNS you can use DDNS on your real Synology)

- for OpenVPN create a port forwarding rule (NAT) for port 1194 UDP on your router to the Synology

- install the VPN Server package on the Synology

- activate OpenVPN and (if desired) change the values for max. connections, etc. (can be left as it is)

- in the VPN Server app choose which user has access to it (Priviliges)

- be sure to activate "automatic blocking"

- in the OpenVPN section export the config files

- open the exported ZIP and extract the files, edit the "VPNConfig.ovpn" with notepad or notepad++ and edit the line "remote YOUR_SERVER_IP 1194"

- replace YOUR_SERVER_IP with the registered DDNS name, save the file

- now back in your XPEnologys go to the control panel -> Network -> Network connections -> Create -> VPN profile

- choose OpenVPN (import via ...)

- enter a name for the connection, the username and his password of the real Synology who has the privilege to connect and upload both the VPNConfig.ovpn and the ca.crt from your real box

- activate the option to reconnect and finish it

 

Repeat the last four steps on your second XPEnology and you're good to go 🙂

Edited by jensmander

Share this post


Link to post
Share on other sites

Thanks for your help again, Jens.

I already tested setup as you described. Only for the second Xpenology unit I was trying to find a way to use the VPN connection of the first unit. This I was unable to do. 

Your solution is to have 2 individual VPN connections to the backup location. So LAN IP ranges would be x.x.1.x, VPN-1 x.x.2.x and VPN-2 x.x.3.x for instance, right?

 

Share this post


Link to post
Share on other sites

If you don’t allow VPN clients to access the network of your Synology (backup) site then you don’t have to care about subnets as the VPN network is usually different to the typical private subnets (10.x.x.x for VPN while most private networks use 192.168.x.x or 172...). You can’t use the VPN connection of Xpenology box1 for Xpenology box2 (and it makes no real sense to do that). Just setup the VPN connection on both Xpenology boxes. If you use HyperBackup or rsync you have to enter the IP of your Synology’s VPN server as the target (10.0.6.1 for example). 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.