Release a VPN app for he EX and DL series NASs

The DL and EX series NAS’s are capable of having apps installed.  Like I’ve found the Dropbox app really useful.

Is there any reason why a VPN server app can’t be written so the EX and DL NAS’s can act as home VPN servers to allow Windows and Linux operating systems to connect to?  Even allow Android phones and tablets to connect to as those have VPN clients built-in.

So, for a business professional and business class NAS’s, please someone write a VPN server app?

(Considering that OpenVPN is already installed in the NAS’s firmware and the app would just need to configure it to also act as a VPN service.)

14 Likes

Like this idea

Hoiw many kudoses are needed before it’s seriously considered for develoipment either as an addin app or part of the core firmware?  Just curious.

I like this idea.

1 Like

I believe I found some sort of solution that will work at least on the DL4100 and possibly DL2100.

When I have time I’ll try write more concise instructions. SSH access will need to be set-up with an Telnet client that works over SSH.

  1. Get the Entware package from https://wdcommunity.com/ and install it.
  2. Once installed SSH Telnet into the NAS and use opkg to update the package list and then find and install the needed packages for SoftEther. It would also be a good idea to get the updated EntWare version of BusyBox.
  3. Configure SoftEther with a Virtual Hub that utilises SecureNAT and the virtual hub is bridged to a virtual network tap device. SoftEther will create this if it does not exist. I named mine t0.
  4. Use the Linux ifconfig command to assign a static IP address to one within the LAN IP address space of the SecureNAT created by SoftEther, so for me I used ifconfig tap_t0 192.168.30.2

So on the VPN connection that gets established …

SoftEther allocates a DHCP address from and including 192.168.30.10 to 192.168.30.100
The default gateway for the VPN connection is 192.168.30.1
The NAS is visible on 192.168.30.2
Everything else on the LAN is available using their own IP addresses.

for some reason a straight forward bridge does not work. When I tried I could access everything on the LAN from the VPN connected device, but the NAS’s IP address was not accessible therefore having to use SecureNAS and through a virtual network device with an IP that’s different from the IP address assigned to egiga0 and egiga1 and that the virtual network’s IP is in the same IP range as that allocated to the VPN client by SoftEther.

I modified the SoftEther’s start-up and shut-down script to …

#!/bin/sh

PATH=/opt/sbin:/opt/bin:/opt/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
export GCONV_PATH=/opt/lib/gconv

case $1 in
        start)
        logger "Starting softether vpnserver service."
        LANG=en_US.UTF-8 /opt/libexec/softethervpn/vpnserver start
        sleep 5
        logger "Assigning 192.168.30.2 to tap_t0."
        ifconfig tap_t0 192.168.30.2
        ;;
        stop)
        logger "Stopping softether vpnserver service."
        LANG=en_US.UTF-8 /opt/libexec/softethervpn/vpnserver stop
        ;;
        restart)
        logger "Starting softether vpnserver service."
        LANG=en_US.UTF-8 /opt/libexec/softethervpn/vpnserver stop
        sleep 5
        logger "Stopping softether vpnserver service."
        LANG=en_US.UTF-8 /opt/libexec/softethervpn/vpnserver start
        sleep 5
        logger "Assigning 192.168.30.2 to tap_t0."
        ifconfig tap_t0 192.168.30.2
        ;;
        *)
        echo "Usage: $0 {start|stop|restart}"
        ;;
esac

(Hope this makes sense.)

Now, does anyone know how to do the same thing, but without using the SecureNAT feature? When connecting through the VPN the connection is on another IP network segment (192.168.30.0 / 255.255.255.0) and the NAS and all other services are accessible using the IP address assigned to the virtual tap (192.168.30.2) as SoftEther can’t see the IP assigned to the egiga0 or egiga1 physical network ports.