Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15
  1. #11
    Master Untangler
    Join Date
    Jun 2015
    Location
    NW Arkansas
    Posts
    202

    Default

    OK. I can now ping and telnet to the Synology NAS on internal interface when connected to OpenVPN interface. However I cannot access DSM via default https://192.168.0.129 or https://192.168.0.129:5001 (or http:// or http://192.168.0.129:5000). Synology NAS firewall is off. All settings are default. Am checking Synology resources also as this cannot be uncommon considering I'm using defaults).

    Though I did notice when I connect to my Windows Server SSTP VPN (instead of Untangle OpenVPN), this issue does not occur.

  2. #12
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,945

    Default

    That's because SSTP NATs, the Synology isn't seeing traffic from a VPN client, it's seeing traffic from a local server. And when it doesn't NAT, it bridges so the VPN clients are in the LAN IP range.

    Untangle OpenVPN also NATs, but is limited to routing. You must have turned that off. (OpenVPN -> Settings -> Server Tab left column, 2nd check box... NAT OpenVPN Traffic must be disabled.

    Enabling it and reconnecting will probably resolve your issue, but again it's not about blocking, it's about a firewall on that Synology that's not working the way you think it should.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #13
    Master Untangler
    Join Date
    Jun 2015
    Location
    NW Arkansas
    Posts
    202

    Default

    Confirming OpenVPN was already set to NAT OpenVPN Traffic = Enabled. Also Exported Networks included Internal Primary Network 192.168.0.1/24.

  4. #14
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,945

    Default

    Wow, then I haven't a clue what is going on. Unless the Synology is very specific and refuses to accept traffic translated from its gateway IP address. But that seems like a stretch... It's possible but it's still a stretch.

    Have you double checked the synology's IP configuration? It has Untangle as the default gateway?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #15
    Master Untangler
    Join Date
    Jun 2015
    Location
    NW Arkansas
    Posts
    202

    Default

    So Synology reserves HTTP port 5000 and HTTPS port 5001 as default for this DSM management UI by default.

    Upon changing these, everything has immediately started working.
    Last edited by miles267; 07-09-2020 at 06:43 AM.

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2