Root and server certificates, as well as the server key, are found in the directory /var/packages/VPNCenter/target/etc/openvpn/keys/. Login to the Synology NAS as root user, using a terminal program, change to this directory and place your own certificates and server key there. Client certificate ( user.crt) with the private.Server certificate (to replace server.crt) with the.Root certificate ( self signed, will replace ca.crt), a.All server and client certificates can be generated using EasyRSA and OpenSSL. Ensure verification of server certificate and server name on the client side.įor openVPN I use self-signed certificates.Change the VPN server configuration to make authentication with client certificates mandatory.Generate your own set of certificates using EasyRSA or OpenSSL.
ACCESS SYNOLOGY DRIVE REMOTELY INSTALL
Install Synology VPN server and use openVPN to remotely access your disk station and local network.I changed it to 8080 TCP in order to have the possibility to tunnel through firewalls. The standard port for openVPN is 1193 UDP. I decided for the openVPN protocol, as it will work under Windows and iOS and allows for a flexible configuration of ports, protocol and authentications. Whenever possible, use VPN to access your NAS. Store all critical data (certificates and private keys) on an encrypted memory card.Enable 2-Step Verification for DSM web access.SSL/TLS – to secure traffic between website and browser (HTTPS).SSH Secure Shell – for secure login as root user or admin to fully access the (embedded) operating system.VPN Virtual Private Network – to remotely access the local area home network.There is a lot of information available in the web yet for me it took some time to identify and understand the most important modifications and to implement them:
ACCESS SYNOLOGY DRIVE REMOTELY HOW TO
So the question arises, how to mitigate this risk without restricting the remote functionality of the NAS. This NAS has several server functions, making it convenient to access data remotely, but also making it vulnerable to unauthorized intrusion. Recently I bought the network attached storage (NAS) DS1513+ from Synology and integrated it into my home network in order to have a central place to store and access my data.
0 kommentar(er)
