Here is the instruction to setup OpenVPN client on Synology box. Since I’ve a ds101j, the setup below is tested on ds101j from remote location. Though I believe setup is the same for whatever machine.
Setup client on synology box is pretty much the same as setup server.
Install OpenVPN client on DS101j
- SSH or telnet to DS101j as root
- ipkg -force-depends install openvpn
- ipkg install kernel-module-tun
- mkdir -p /opt/etc/openvpn/jail/log
- mkdir -p /opt/etc/openvpn/private/keys
- upload ca.crt, ta.key, [Client ID].crt, [Client ID].key to the keys folder
- chmod 700 /opt/etc/openvpn/private/keys
- chmod 600 /opt/etc/openvpn/private/keys/*.key
Edit client configuration
vi /opt/etc/openvpn/config/openvpn.conf and copy the following to the file:
client ## running openvpn as routed mode dev tun ## running openvpn using tcp or udp, must be same as server setup proto udp ## define server address and port remote [ddns domain of openvpn server] [openvpn server port] resolv-retry infinite nobind ## define cerificate and keys location for vpn client ca /opt/etc/openvpn/private/keys/ca.crt cert /opt/etc/openvpn/private/keys/[Client ID].crt key /opt/etc/openvpn/private/keys/[Client ID].key tls-auth /opt/etc/openvpn/private/keys/ta.key 1 ns-cert-type server cipher BF-CBC comp-lzo ## run vpn server as nobody instead of root user nobody group nobody persist-key persist-tun ## defines how details we need in the log, from 0 to 9. verb 3 ## let vpn server run under chroot mode. ## To restrict the vpn server runtimes able to access the jail directory only. ## * Files need to access during runtime must reside in the chroot directory, ## such as log files and ccd directory. chroot jail mute 20
Edit startup script
Startup script for client is same as server. Just make sure all the path in the script is correct.