PPTP VPN server on ASUSTOR NAS (Iphone users need to pay attention to the way of Encryption)
Posted by Jack Ni on 22 December 2013 08:31 PM
Here's a tutorial for users who may want to use their ASUSTOR NAS as a PPTP VPN server.
If you want to connect to an ASUSTOR NAS using OpenVPN, we will have another article discuss about this.
VPN Server Settings:
1) Install the VPN Server App from App Central
2) Configure the PPTP VPN server
a. Enable the PPTP connection (your router must support the GRE passthrough)
b. Configure access rights for users that will be able to access the VPN server. (Here we will enable access rights for both PPTP and Open VPN)
Note: You can also configure access rights by groups.
c. PPTP VPN server configurations
i. Select the interface you want to bind with the VPN server.
ii. Server configurations
Dynamic IP address: These IP addresses will be assigned to VPN clients.
Max Client Number: The maximum number of concurrent clients.
Authentication: ASUSTOR’s VPN Server supports both PAP and MS-CHAP v2.
Encryption: When selecting the authentication type as CHAP, this option will be enabled. ASUSTOR’s VPN server supports 2 encryption methods: MPPE and Max MPPE.
Max. MTU and Max. MRU: The maximum packet size that can be transmitted/received by the VPN server.
DNS server: Select this checkbox to assign a DNS server to clients.
d. From the ADM desktop, select [Settings à Ease of Access] and open the following ports for the VPN server:
Enable- app#vpn-server 1723 TCP
Enable- app#vpn-server 1723 UDP
VPN Client Settings:
a. Click on the network icon to open the "Network and Sharing Center".
b. Click on "Set up a new connection or network" to open the setup wizard.
c. Select "Connect to a workplace".
d. Select "Use my Internet connection (VPN)".
e. Input the information for the Internet address and a name for the connection.
The Internet address should be the hostname or IP address of your NAS.
f. Enter a username and password that you have enabled in your VPN server.
g. After the connection is created, there will be some more settings to configure before you can connect to the server.
Click on the network icon again and then right-click on the VPN connection you just created.
h. Click on the "Security" tab, select PPTP for the type of VPN and then select a corresponding authentication protocol.
i. All configurations are now complete. Now you can connect to your NAS
Click on the network icon and then click "connect".
Click "connect" again in the pop-up window.
After the connection is established you will be able to see its status when you click on the network icon.
2) Mac OSX
a. Go to “System Preferences” and then click on "Network" icon.
b. Add a new connection by click on the "+" button under network list.
c. For connection type, select PPTP VPN and input a name for this new connection.
d. Input the hostname or IP address of your NAS, a username and then select a corresponding encryption method.
e. Click on "Authentication Settings..." and input the password for your username.
f. Click on "Apply" and then click on “Connect”.
g. After the connection is established, you will see that the connection status has changed to "Connected".
3) Another ASUSTOR NAS
a. Go to [Settings à VPN] and then click on "Add" to create a new connection profile. Select PPTP as the VPN connection type.
c. Input a name for the connection, the IP address or hostname of the VPN server and a username and password.
d. Click on "Advanced" to select the authentication type and encryption method.
e. Click on "Connect" to start the connection.
f. The connection should be established successfully.
4) After the VPN connection is established, you can check if your VPN client is connected to the VPN server correctly by using the following methods:
a. the IP address or your VPN clients show be one of the IP addrss that you configure in VPN server to assign to clients
a. The IP addresses of your VPN clients should be one of the IP addresses that you configured for the VPN server to assign to clients.
=> If you find that your client IP has changed to 10.0.0.x, then the connection to the VPN server is successful.
b. The WAN IP address should be identical for both the VPN server and VPN client.
You can check the WAN IP address by using the following methods:
i. Use a WAN IP lookup website: http://www.hashemian.com/whoami/
ii. Use trace route commands to check the route of clients.
=> If you find that the WAN IP is the same as the WAN IP of your NAS, then the connection to the VPN server is successful.
For Iphone users, you need to pay attention to the way of Encryption
When the Encryption of VPN Server set “ None”, your Iphone also need to set Encryption Level as “None”.
Please see the picture as below: