Resetting a VPN and Remote Desktop to Your Home with Synology (from an iPhone)
– 👌
It’s amazing to be basically my own IT department. The kinds of things we can do in our homes as individuals with ready-made devices who might have needed an IT department just ten years ago, you know? surprising.
I wanted to be able to get a VPN into my home and remotely access my devices and files. I am very much aware that there are a lot of different options for doing this, and they have been around for years. From GoToMyPc to Hamachi, again, there are dozens of ways. I wanted a VPN solution that I could use on my iPhone/iPad and Surface. I wanted it to be standards based and not require any additional software installs.
I have a NAS Synology 1511+ and I love it. It’s not just a file server, it’s a server for everything, in my house. I use it for Plex, it hosts my files and photos, runs my surveillance cameras and acts as a DVR, runs a Minecraft server, is a Git server, and even runs Docker.
Synology will act as my VPN server as well.
Here’s how to setup four things. Synology, my router, my iOS device, my Windows PC/PC.
The result is that I can now access my home and manage things from any device I own.
Synology setup for L2TP VPN
First, in the Synology Package Manager, make sure that the Synology VPN Server package is installed and running.
You should provide some information about the VPN technology you want to use. I decided to use L2TP, although there was some concern that the NSA had weakened it. The benefits are that it is on all major platforms, is generally considered secure, and is easy to set up.
Select L2TP (or whatever you want), and enable it. Also note that I chose my internal DNS server. I’ve found that this works best for me when trying to access internal resources. You can also set up the hosts file if you just want to hit a few things inside your house.
Now click on Privilege. Just give the minimum privileges to the user who needs them. There is no need to grant VPN access to users who will not use it.
Set up your router for VPN (L2TP)
My router is a Linksys WRT1900ac which I like very much. It supports port forwarding, and Synology can often talk directly to a router and request open ports. However, there is something to be said for handling things on your own. It lets you know exactly what’s going on, and it can be less of a “black box”.
Log into your router and in this case from L2TP, forward UDP ports 1701, 500 and 4500. On my Linksys, it’s under Security, Apps & Games.
The device IP address is your Synology’s internal IP address. It’s better to have your Synology use a static IP address, or at least have a DHCP reservation so that that IP doesn’t change and things stop lining up.
Also, make sure that your router is passing L2TP traffic as well. I changed this under security.
At this point, you should at least be able to try to connect to your home via a VPN. I ran this as a quick test by removing my iPhone from the wireless network (hence the open internet) and back the VPN again.
If successful, you should be able to see yourself in the VPN server | Our Synology contact list area.
This is what I did on my iDevice to set up the VPN.
iOS / iPhone / iPad Setup for VPN
From the iOS Settings app, go to General | VPN. Touch Add VPN Configuration. I chose L2TP and entered my server name or IP and named the account “home”.
Note: If you don’t want to use your own IP address, you can use Synology.me’s dynamic DNS feature built into your Synology, or any one of the many dynamic DNS systems that will give you a cool domain like “myhanselmanhouse.foofoo.com” or whatever It was. You can also, if you like, set up a CNAME with your own domain and point it to that dynamic domain. So vpn.hanselman.com can be your server, if you like.
With L2TP, you will need your username and password, as well as the shared secret. This is like another password. Specifically, the secret text box in iOS is the “Pre-Shared Key” from your Synology L2TP VPN setup.
At this point, you will get a great VPN option in the Settings app under Personal Hotspot which was not there before. You can turn it on and off now easily.
Once I access the VPN, I can see a file [VPN] Indicator in the top status bar. You have installed the free Microsoft Remote Desktop Client for iOS.
And here I introduced the VPN to my home computer from my iPhone. This can of course be done on Android and Windows Phone as well.
It looks small, but it’s actually very usable, especially from an iPad with a Bluetooth keyboard.
Setting up L2TP VPN on Windows 8.1
Now I will set up the VPN to go home on my Windows 8.1 device. For some reason this was very easy in Windows 7, but in Windows 8.1 there is no obvious way to add L2TP VPN. You can add other simpler (or vendor) VPNs directly, but not L2TP.
Just press the Windows key (or the Start menu) and type “Add VPN”. When you get to the VPN management screen, you will see this and you can fill it out.
But setting up an L2TP VPN with a pre-shared key requires more work. If you know of a simpler way, please let me know. I can see three different ways to reach the same result.
Go ahead and create a new VPN connection from the above list. Select Microsoft as the VPN type and optionally enter the server address, name and password. This will create a VPN connection.
Pay attention now. Go back to the start menu and type “network connection”. You want the first item called “View Network Connection” (a classic control panel, not a full-screen “Metro”).
From there, you’ll open a classic dashboard and see your VPN connection. Right click and click properties.
Click Security, make sure L2TP is set, and then click Advanced settings.
“
Put the pre-shared key there.
Connect to your home VPN and enjoy
Of course, please remember to use strong passwords and strong pre-shared keys and change them. Don’t be lazy.
At this point, you can call your home/office and work to your heart’s content.
For some of you, this is “duh” or old hat, but for me it was something I had never done. Mostly it prevents laziness. But just last week, I had to drive 30 miles home from dinner in order to transfer a file from my desktop to Dropbox. I’m pretty sure I’m not the only smart tech person with a story like this. This VPN setup meant I could do it from my phone and it would have saved me huge hassles and over an hour of my time.
Related links
about scott
Scott Hanselman is a former professor and former chief financial engineering engineer who is now a speaker, consultant, father, diabetic, and employee at Microsoft. He’s a failed stand-up comedian, transplant, and book author.
About the newsletter
Hosted by
[ad_1]
Don’t forget to share this post with friends !
