Update: Configuring OpenVPN on a Synology to a non-standard port

Surprise! The latest version 1.2-2425 of the VPN server of Synology offers a new feature which allows you to configure the OpenVPN port directly from DSM. Thanks Synology.

Advertisements

Configuring OpenVPN on a Synology to a non-standard port

Synology also offers a VPN package for their NAS systems offering PPTP, L2TP and OpenVPN connections. The last one is very useful because it can be configured to use TCP or UDP and typically passed firewall gateways without having to configure anything beyond the port unblocking. I.e. you can configure OpenVPN to use standard ports like TCP/80 or TCP/443 which will disguise the VPN as usual browsing traffic.

Unfortunately Synology does not allow configuring the port OpenVPN is listening to. But if you go down the filesystem it can be configured.

Just open a SSH session and change directory to /usr/syno/etc/packages/VPNCenter/openvpn. In that folder you’ll find the configuration file (openvpn.conf) OpenVPN is using. Open openvpn.conf in vi and add a line like

port 10000

This will instruct OpenVPN upon start to listen to that port (10000 in the above case) instead of the standard port 1194. To activate the change simply issue

/var/packages/VPNCenter/target/scripts/openvpn.sh restart

If you have appropriate port-forwarding configured on your router you’ll then be able to establish a OpenVPN tunnel to the new port. Remember to reflect that change in your client configuration as well.