Surprise! The latest version 1.2-2425 of the VPN server of Synology offers a new feature which allows you to configure the OpenVPN port directly from DSM. Thanks Synology.
Synology also offers a VPN package for their NAS systems offering PPTP, L2TP and OpenVPN connections. The last one is very useful because it can be configured to use TCP or UDP and typically passed firewall gateways without having to configure anything beyond the port unblocking. I.e. you can configure OpenVPN to use standard ports like TCP/80 or TCP/443 which will disguise the VPN as usual browsing traffic.
Unfortunately Synology does not allow configuring the port OpenVPN is listening to. But if you go down the filesystem it can be configured.
Just open a SSH session and change directory to /usr/syno/etc/packages/VPNCenter/openvpn. In that folder you’ll find the configuration file (openvpn.conf) OpenVPN is using. Open openvpn.conf in vi and add a line like
This will instruct OpenVPN upon start to listen to that port (10000 in the above case) instead of the standard port 1194. To activate the change simply issue
If you have appropriate port-forwarding configured on your router you’ll then be able to establish a OpenVPN tunnel to the new port. Remember to reflect that change in your client configuration as well.
Ok…after fiddling around some time…To restart OpenVPN on a Synology (VPN Center) use the following:
openssl pkcs12 -in <file>.pfx -out <file>.pem
Windows systems seems to be unable to use certificates that are encrypted with 3des. Therefore the “-descert” option is used.
openssl pkcs12 -export -des -descert -in <file>.pem -out <file>.pfx