This guide was produced using QTS v4.2.3

QTS's GUI for connecting to OpenVPN doesn't allow for all of the required parameters to be set. Some manual steps are required to complete configuration of an OpenVPN connection to IVPN. This requires accessing and copying files outside of the QTS GUI by connecting to the NAS drive through SSH or telnet.

  1. The first step is to download the OpenVPN configuration files to any folder on your desktop.
  2. Extract the zip and choose a server configuration file based on the location of the server you would like to connect to (one of the *.conf files, eg. IVPN-Singlehop-Germany.conf).
  3. Copy the selected .conf file and the following files from the downloaded zip to any of the shared folders on your NAS. Eg: \volume1\Files\Temp\
    • ca.crt
    • ta.key
  4. Now we need to enable SSH access in QTS. Open QTS, navigate to Control Panel -> Network Services -> Telnet / SSH. Step 4
  5. Check the box Enable SSH service and click Apply. You can disable SSH access once the steps are complete. Alternatively you can enable the Telnet service and use a telnet client to connect to the NAS instead of SSH.
  6. Now we setup the OpenVPN connection. In QTS, go to Control Panel -> Applications -> VPN Client. Step 6
  7. Select Add -> OpenVPN. Step 7
  8. Complete the next window with the server information (defined in each *.conf files download in step 1) and your IVPN credentials:
    • Server address is the address of the server which is in the .conf file you have previously chosen. eg. nl1.gw.ivpn.net
    • The first item next to Port is the protocol which is dependent on the configuration you have chosen to use, TCP versions have their own config files (either UDP or TCP). If you're not sure what to select see what are TCP connections.
    • Port is the port of the connection which is in the .conf file you have previously decided to use. e.g. 2049.
    • User name is your IVPN user name (starts with 'ivpn', not your email address).
    • Password is your IVPN password (by default the password you entered during signup).
    • Encryption - Select High (AES 256 bit)
    • Certificate - Select the certificate file ca.crt from where you downloaded the configuration files to earlier.
    • Check all the boxes except 'Specify the subnet mask'
    • Select Create.
    Step 4
  9. You'll now have a VPN connection defined in the VPN Client section section. Attempting to connect will fail though. The QTS configuration file will need to be updated and some extra files copied to the NAS drive. Step 4
  10. Now we need to SSH into the QNAP. Open an SSH client and connect to QTS using the admin account. Password will be the same as the 'admin' account password for QTS (you can change this password by logging into QTS using any account that is in the administrator group and going to Control panel -> Privilege Settings -> Users). Step 4
  11. Navigate to /etc/config/openvpn/clients/ Step 4
  12. Check directory contents as shown below. Each new VPN connection is saved as a file in the format clientN. If this is the first VPN client ever configured on this NAS, you will only have one file named client1. The file that will need to be modified is the last created. Step 4
  13. Open this file using either a command line editor such as vi or copy this file to a shared folder on the NAS (eg. cp client1 /share/Public) and open it with your editor of choice. The file will look similar to that shown below with differences depending on your VPN profile setup. Step 4
  14. Open the *.conf configuration file you chose earlier in a text editor. Copy and paste the following lines into your new openvpn configuration file
                    persist-tun
                    persist-key
                    persist-remote-ip
                    key-direction 1
                    ns-cert-type server
                    
    Step 4
  15. You also need to copy and paste the contents of the ta.key that you downloaded earlier. Add its content in-between two new lines: eg. <tls-auth> and </tls-auth> Step 4
  16. If you copied the config file to a shared folder copy the new version of the file to the openvpn directory, eg. cp /share/Public/client1 client1 Step 4
  17. Open QTS and go back to Control Panel -> Applications -> VPN Client. Click connect on the VPN profile you created earlier. Step 4
Was this answer helpful?

Can you please tell us how we can improve this article?