Setting up a VPN Server on Synology NAS is a powerful way to create secure remote access to your network.
Instead of relying on third-party VPN providers, you can host your own private VPN directly on your NAS.
In this guide, you will learn how to install and configure Synology VPN Server step by step.
The tutorial covers common VPN protocols such as OpenVPN and L2TP/IPsec for flexible deployment.
Using a VPN on Synology NAS helps protect your data, encrypt traffic, and safely access internal resources from anywhere.
This setup is ideal for home users, small businesses, and IT administrators.
With proper configuration, you can achieve enterprise-level VPN security at a low cost.
Follow this guide to deploy a stable and secure VPN Server on your Synology NAS.

1. PP2P

Step 1: NAT Port

NAT Port 1723

Step 2: Enable PP2P

Step 3: Add VPN Connect to Windows

Check IP WAN: 27.64.16.182

2. L2TP/IPSEC (Real NAS)

Step 1: NAT Port

NAT Port: 1701, 500, 4500
Create preshare-key

Step 2: Enable L2TP

Step 3: Add VPN Connect to Windows

3. Open VPN (Real NAS)

Step 1: NAT Port

Step 2: Configure OpenVPN in VPN Server (Synology)

Go to Package Center → VPN Server → OpenVPN

🔐 Authentication

• Authentication: SHA256

👉 Standard, robust, and compatible with the OpenVPN GUI on Windows
• Client verification: Enable

• Verify TLS auth key: ✅ Enable

o This helps prevent Scan/Bruteforce
📌 No complicated changes needed, Synology’s built-in settings are quite good.
________________________________________
🔒 Encryption
• Encryption: AES-256-CBC
👉 Most common, OpenVPN GUI supports it well.
📌 If the NAS is newer and the client is newer, AES-256-GCM is also okay.

📦 MTU

• MTU: 1500 (default)
👉 Works well on most Vietnamese networks.

• If you encounter errors:
o Connects but cannot access the web / slow access
→ Reduce to 1450 or 1400

✅ Allow clients to access the server’s LAN (if you want to access the internal network)
✅ Enable compression on the VPN link → ❌ DO NOT tick
✅ Dynamic IP address → should be enabled

Step 3: Create VPN users

• Go to Control Panel → Users

• Which users are allowed to VPN:
o VPN Server → Privilege → tick OpenVPN

Step 4: Download the VPN configuration file

In VPN Server → OpenVPN
👉 Click the Export configuration button
It will download:
openvpn.zip
Extract it and you will see:
VPNConfig.ovpn
ca.crt
README.txt
📌 The file to import is:
VPNConfig.ovpn
Open VPNConfig.ovpn with Notepad++:
🔧 Edit the server line
Find:
remote YOUR_SERVER_IP 1194
Change it to:
remote yourdomain.com 1194

or your real WAN IP

Step 5: Download the OpenVPN GUI app

Step 6: Import the configuration file

Do the following:
• Install OpenVPN GUI for Windows
• Import the .ovpn file
• Right-click the OpenVPN icon → Run as Administrator
• Connect
📌 Synology exports the standard OpenVPN file, not Needs a lot of adjustments