Tutorial: Use CloudConnexa for remote access to Synology NAS and NAS-to-NAS backups
This tutorial shows how to connect Synology NAS to CloudConnexa for site-to-site backups and remote access.
Overview
Owen is the IT administrator of a business that uses Synology Network Attached Storage (NAS). The business has offices in Boston and New York City (NYC). He has one NAS in each office location. He wants to provide access to the files stored on the NAS to the office workers when they work remotely and also backup the contents of the NAS in the Boston office to the NAS in NYC and vice versa so that a geo-redundant backup is maintained.
Owen does not want to run a VPN server because he does not want to purchase static public IP addresses from his ISP, set up port forwarding and a DMZ, and do other things needed to allow incoming VPN connections. Owen wants to use a service instead of managing VPN servers.
CloudConnexa Setup
The Synology NAS will act as an OpenVPN client, with CloudConnexa providing the VPN service from its Points of Presence worldwide. The NAS will be configured as a CloudConnexa Host because it is similar to an application server and must always be connected to CloudConnexa to provide access.
Here are the steps that Owen takes to connect both NAS systems to CloudConnexa for remote access and site-to-site backup:
Owen signs up for CloudConnexa and registers technop as Cloud ID.
He logs into the Administration Portal at
https://technop.openvpn.com
and navigates to Hosts > Hosts to add a Host representing the NAS in Boston. For the screenshot sequence, refer to Tutorial shows adding a Host and downloading the .ovpn file for the ConnectorClicks Add Host and scrolls down to click Skip Wizard.
He provides NAS_Boston as the name for the Host and nasboston.local as the host domain name.
He chooses Boston as the Region for the Connector and clicks Add Host.
On the Connectors tab, he sees that the permanent tunnel IP address assigned is 100.96.1.130. He clicks Deploy and selects Download Profile in .ovpn format from the drop-down choices. The .ovpn profile file gets saved in the browser's default download directory.
Owen uses the downloaded .ovpn file to connect the Boston NAS to CloudConnexa. Refer to Use .ovpn connection profile file to connect Synology NAS.
To test remote access, Owen downloads the OpenVPN Connect Application on his laptop and installs it.
He imports a profile by URL using his Cloud ID
https://technop.openvpn.com
, authenticates, and selects a Region closest to him.Note
Any of the CloudConnexa Regions can be chosen. It does not need to be Boston because the NAS is connected to Boston Region.
Once connected, he can access the Boston NAS using nasboston.local or 100.96.1.130
Owen adds another Host for the NYC NAS.
CloudConnexa is now providing full access to all connected devices to each other as the WPC Topology is set to 'Full Mesh'. Therefore, the NAS in Boston has secure connectivity to the NAS in NYC and can be used for backup. Refer to Configure Synology NAS backup
Note
To add access restrictions, the WPC Topology must be set to 'Custom', and Access Groups must be set.
With everything configured and tested, Owen adds Users or configures SSO for the company's employees.
Tutorial shows adding a Host and downloading the .ovpn file for the Connector
Use .ovpn connection profile file to connect Synology NAS
Note
Information from the Synology knowledge base has been used for these steps.
Go to Control Panel > Network.
Under the Network Interface tab, click Create and choose Create VPN profile.
When prompted to choose a VPN connection method, choose OpenVPN (via importing a .ovpn file), and then click Next.
Pick a name for the new profile, and in the Import .ovpn file field, click Browse to select and import the file that was saved earlier using the Connector's Deploy option of Download Profile in .ovpn format.
CloudConnexa ignores the username and password values as mutual digital certificate authentication is used for Connectors. If mandatory, enter something in those fields.
Click Next.
Tick the Reconnect when the VPN connection is lost checkbox and click Apply.
Select the VPN Profile you just created and click Connect.
Configure Synology NAS backup
Note
Information from the Synology knowledge base has been used for these steps.
Go to DSM Package Center to install Hyper Backup (if not yet installed).
Open Hyper Backup and click the + icon. Select Folders and Packages.
Select Remote NAS Device. Click Next.
Select Create backup task and enter the IP address and account information of the remote NAS device. Click Log In to connect with the destination.
Note
For the remote NAS Server name or IP address, you will use the domain name configured for the Host or the tunnel IP address of the Connector. Based on Owen's configuration for the Boston NAS it could be either nasboston.local or 100.96.1.130.
Select a shared folder as the backup destination. You can also change the name of the Directory, where you can find your backed-up data. Click Next.
Select any shared folders you'd want to back up. Click Next when finished.
Select the packages that you'd want to back up. Click Next.
For further steps, refer to the Synology knowledge base article.