Private Internet Access (PIA) OpenVPN with Synology DSM 6.2

Update 29, November 2020 – There’s been a change in how PIA connects. Following the directions I wrote below will not work. Instead, follow the directions here with the following edits (from /u/cossadone on Reddit) to your openVPN config file of choice.

  • Delete the “compress” line
  • Delete the entire “<crl-verify>” section
  • Add the line “comp-lzo no”

I recently signed-up for Private Internet Access‘ (PIA) VPN service. I do a lot of traveling and work in various places away from home. Having the extra – if not essential – security layer regarding my web traffic is something I’ve been wanting for a while now. The PIA iOS and Mac apps are easy to set up and use. Since I also use my Synology NAS to transfer content I wanted to figure out how to make that device also take advantage of my VPN account.

I found some directions for setting this up with the Synology DSM software version 6.1 and since I didn’t perceive much difference between 6.1 and 6.2 as a user I followed the directions. Except, things didn’t work!

Every time I went to connect the VPN connection in the Network control panel I was met with a connection error. I tried recreating the connection, resetting my password, and yes, even turning the NAS off and on again. Everything worked fine from my other devices, but the Synology would not successfully authenticate.

Here’s what worked.

First, download the files from PIA as described in the directions linked to before.

https://www.privateinternetaccess.com/openvpn/openvpn.zip

Unzip that file and keep the resulting folder handy.

Second, log-in to your Synology running 6.2. Open the Control Panel then select Network. From there, select the Network Interface option. You’ll want to click Create from the top menu and then Create VPN profile. Now this is where things diverge from existing directions. Select OpenVPN and click Next.

Now give the profile a name you’ll recognize. For the server address, remember that zip file you downloaded? In that file is a bunch of .ovpn files. These are OpenVPN configuration files. They are just text files. Select the file that matches the server location you wish to use. I chose one that is geographically near me. You may wish to select one that is geographically far. it doesn’t matter. 🙂 Open it in your favorite text editor. I used BBEdit.

There are a few bits of information we want from the file. Look for the line that starts with remote and then an address and port.

remote hk.privateinternetaccess.com 1198

Return to your window with DSM open and enter the information into the Create profile window. Enter your PIA user name and password. Make sure you change the port to match what you found in the OpenVPN config. You should have something that looks like this.

For the last step on this window, you’ll want to select the CA certificate from the zip file. It’s the file that has a .crt extension. Then click Next.

Leave the Enable compression on the VPN link setting checked. Check the Use default gateway on remote network and Reconnect when the VPN connection is lost option. Then click Apply.

Now, select your newly created VPN interface and click Connect. Viola! Your Synology should now be connected to your VPN account.

One last thing. If you want all traffic to go through that connection (which you probably do!), click the Manage option in the Network Interface menu and select Service order. Put the VPN connection first. Then click OK. Return to the General tab in the Network control panel and set the default gateway to your VPN connection. Set the order here as well; VPN first.

Now, to test your connection! Visit https://ipleak.net in a new window/tab in your web browser. Navigate to the section that says Torrent Address detection. Activate that feature and then copy and paste the Magnet link into the DSM Download Station app. Start the download and wait for ipleak.net to refresh. Check the IP address. It should not match your local machine, but that of your VPN connection.

Two quick notes. There is no intelligent dead switch to stop transfers if your VPN connection goes down. My experience has been that it’s quite reliable. Your mileage may vary. In researching this topic I found comments related to the remote features of your Synology not working properly and requiring further configuration. I don’t frequently use my NAS off my local network so I have not bothered looking into this aspect. There are numerous guides online for both issues that may be helpful.

I hope this guide helps folks. Leave a comment if it helped, if made a mistake in my instructions, or if you have a better suggestion for setting this all up! Thanks for reading.

A Few Notes on Barcelona and SMWCon

My trip to Barcelona was an adventure that I’ll never forget. The city was beautiful and the people I met and made friends with even more so. The conference was rewarding and invigorating.

I don’t know if I have the language to put into words what I experienced. I’ve been trying to write this post for a while and continue to be fruitless. I can say, that for a person who hasn’t traveled internationally much (until this past year) it remains one of my favorite things to do. You can travel alone, but if you do it right you’ll never be alone.

So maybe I’ll just try to be as succinct as possible.

Travel. Do it often. Take photos, but not too many. Make opportunities. If invited to go out – Go.

I’ve put together some perfunctory notes on the professional aspects of the conference on the MediaWiki Stakeholders’ Blog. Again, it doesn’t do the trip justice.

Unsolicited Travel Tips

While waiting for my return flight from Barcelona (via Zürich) I jumped on Twitter to dump a few things I’ve learned in the last year of travel. Instead of leaving my thoughts there to disappear into the ether I thought I’d collect them here. 1 While by no means a travel expert these are a few things I picked up that serve as both a reminder to future me and might be helpful for you as well. YMMV and all that.

  1. If you bring something to entertain you while hanging out in your hotel room (like a tablet) leave it behind. You’ll never have time to play with it.
  2. If asked to go out into the city by instead of staying in the hotel – even if you’re tired – do it. Regret makes for a terrible story.
  3. Don’t use your local phone service overseas. If possible, unlock your phone & get local SIM. On this last trip I paid $15 (Euro) for gb from Orange. AT&T, my home provider, wanted to charge me $120 (US) for 800mb.
  4. Pack extra socks. Lots of socks. Change them midday. Your feet will thank you (and your nose too).
  5. Travel light. Roll clothes. Don’t check a bag. Don’t take lots of toiletries. Unless traveling to the Sahara, just find a store. Being able to just get on/off a plane without checking/picking up a bag is amazing.
  6. Go away from the city center. Use public transit. Ask locals for dining suggestions. None of this is that scary. It will make your trip even more unique and interesting.
  7. iPhone users: Turn on Low Power Mode and keep it on. You don’t need push email/notifications when you’re on a trip! This means longer times between charges (more time to look up at the place you’re in and less time looking down at your screen) and no need to scramble for a charger.

Kottke’s Intro to Joanna Goddard’s “Motherhood Around the World”

 “On sleep camps: Government-subsidized programs help parents teach their babies to sleep. I haven’t been to one (though I did consider it when we were in the middle of sleep hell with our daughter) but many of my friends have. The sleep camps are centers, usually attached to a hospital, that are run by nurses. Most mums I know went when their babies were around six or seven months old. You go for five days and four nights, and they put you and your baby on a strict schedule of feeding, napping and sleeping. If you’re really desperate for sleep, you also have the option of having a nurse handle your baby for the whole first night so you can sleep, but after that you spend the next few nights with your baby overnight while the nurses show you what to do.”

Jason Kottke does a great job introducing Joanna Goddard and her series “Motherhood Around the World“. As a parent in America who grew up in a time where it was normal for us kids to be gone all day – out of sight and without technology – I often struggle with what is “normal” or “safe” for kids in these modern times. Joanna’s series helps put some things in perspective and is a great read. The above quote is from a mom in Australia. From Joanna’s introduction,

“Every Monday, we’ll feature an American mother living abroad in a different country around the world with her family. (First up today: Norway!) Honestly, the interviews have been FASCINATING. While working on them, I kept running into the living room to tell Alex the surprising things these mothers were revealing. Thank you so much to all the incredible mothers who shared their stories”