How to: Setup Private Internet Access OpenVPN connection on a Synology NAS (DSM 5.0)

I have been using Private Internet Access for many years with my Synology NAS which worked beautifully until recently when out of the blue it just stopped working and starting complaining about a certificate error. It would appear PIA have changed something and the new OpenVPN Configuration Files don’t work with DSM 5.0.

Synology stopped supporting my NAS with DSM updates many years ago, i know i should probably upgrade but if it ain’t broke (or you can fix it), why put your hand in your pocket for a new one.

After a lot of trial and error i did finally land on a solution:

  1. Download the latest OpenVPN Configuration Files, i use UDP port 1198 with AES-128-CBC+SHA1, and connect via an IP address instead of the server name
  2. Log on to Synology, Control Panel > Network > Network Interface
  3. Create VPN Profile > OpenVPN
  4. Server address use the IP address of the VPN server, you can find the IP address by opening the .ovpn file of your chosen server in a text editor
  5. Enter your user name and password for PIA, the same credentials you use for the website (pXXXXXXXX)
  6. Import the certificate
  7. Select, Use default gateway on the remote network, Reconnect when the VPN connection is lost
  8. Click Okay and Save but don’t try and connect just yet as it won’t work
  9. Download and install WinSCP (just google it)
  10. Log on to Synology, Control Panel > Terminal and SNMP
  11. Enable Telnet and Enable SSH
  12. Open WinSCP, type the IP address of your NAS, in the user name enter ‘root’ and in the password type your administrator password
  13. Navigate to /usr/syno/etc/synovpnclient/openvpn
  14. Right click on the ‘client_’ file and select duplicate, at the end of the file name add ‘.bak’ and save (this will create a backup of the original file in case you need to revert back)
  15. Now right click on the ‘client_’ file again and this time select edit
  16. You should see a line with the IP address you entered in step 4, and a port number (1194). Change the port number to 1198
  17. Under that line add the following two lines of code:
    cipher aes-128-cbc
    auth sha1
  18. Save the file and try the connection from Control Panel > Network > Network Interface, it should now connect. If it doesn’t make sure you have forwarded UDP port 1198 to your NAS device in your routers port forwarding page (use google)
  19. Now test the VPN connection is working on your NAS using IPmagnet
  20. Don’t forget to disable Telnet and Enable SSH when you’re done


One thought on “How to: Setup Private Internet Access OpenVPN connection on a Synology NAS (DSM 5.0)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s