Update: Configuring OpenVPN on a Synology to a non-standard port

Surprise! The latest version 1.2-2425 of the VPN server of Synology offers a new feature which allows you to configure the OpenVPN port directly from DSM. Thanks Synology.


Configuring OpenVPN on a Synology to a non-standard port

Synology also offers a VPN package for their NAS systems offering PPTP, L2TP and OpenVPN connections. The last one is very useful because it can be configured to use TCP or UDP and typically passed firewall gateways without having to configure anything beyond the port unblocking. I.e. you can configure OpenVPN to use standard ports like TCP/80 or TCP/443 which will disguise the VPN as usual browsing traffic.

Unfortunately Synology does not allow configuring the port OpenVPN is listening to. But if you go down the filesystem it can be configured.

Just open a SSH session and change directory to /usr/syno/etc/packages/VPNCenter/openvpn. In that folder you’ll find the configuration file (openvpn.conf) OpenVPN is using. Open openvpn.conf in vi and add a line like

port 10000

This will instruct OpenVPN upon start to listen to that port (10000 in the above case) instead of the standard port 1194. To activate the change simply issue

/var/packages/VPNCenter/target/scripts/openvpn.sh restart

If you have appropriate port-forwarding configured on your router you’ll then be able to establish a OpenVPN tunnel to the new port. Remember to reflect that change in your client configuration as well.

Unbricking a TP-Link TL-WA801ND v2

Experimenting with embedded devices is fun but things not always work as expected. Sometimes you just flash the wrong firmware. So did I. After having done so I furthermore realized that the bootloader in my TL-WA801ND v2.1 was the current one and therefore contains a bug (or maybe it was deliberately crippled?). The impact of this bug was that you’re not able to load something via TFTP from the bootloader. How to unbrick this device? Is it possible at all? To anticipate the answer: It is. But at intermediate level…

Read more →

Reverting a TP-Link TL-WA801ND from OpenWRT back to stock firmware

I think it might be of interest what I’ve answered in response to one of my commenters. So I decided to put in here as well:

Going back to stock firmware is not that complicated although it can’t be done from the web interface.
First you need to get a stock firmware from TP-Link. I suggest you don’t grab the latest one as it comes along with a new bootloader. The new bootloader is either having a bug or by design crippled but you will no more be able to use TFTP with that one. It’s broken. Take an older one, e.g. TL-WA801ND_V2_120524. Unzip and copy the firmware to the device:

scp -l root wa801nv2_en_3_13_20_up\(120524\).bin IP ADDRESS:/tmp/tplink.bin

Then you need to logon to it via ssh and flash the firmware:

cd /tmp
mtd -r write tplink.bin firmware

It will reboot and come back again running the stock firmware.

Read the original post →

Update (5): Bringing OpenWRT (Barrier Breaker) to TL-WA801ND v2

I created a Dropbox folder from where you can download version 12.09 for TL-WA801ND v2 access points. It also contains binaries of the “Barrier Breaker” trunk as well. Note that the later ones are under development and not considered stable. The trunk builds are more or less actual. If time permits I compile the latest version and update.

Feel free to leave a comment to let me know if the Dropbox works for you.

Read the original post →