With Synology's VPN Server package, your Synology NAS can become a VPN server, allowing DSM users to remotely and securely access resources shared within the same local area network as your Synology NAS. This article demonstrates how to connect to Synology's VPN Server using Windows 10 and 11.

• You have installed and set up Synology's VPN Server.
• You have a user account ready to connect to VPN server and VPN server is properly configured to allow external connections.

Set up PPTP and L2TP/IPSec VPN connections

1. Add a VPN profile.
   • On Windows 11
     Select the Start button, then type Settings. Go to Windows Settings > Network & Internet > VPN. Click Add VPN.
   • On Windows 10
     Go to Windows Settings > Network & Internet > VPN. Click Add a VPN connection.
     
2. Fill in the information as follows:
   • VPN provider: Select Windows (built-in).
   • Connection name: Name this VPN connection.
   • Server name or address: Enter the public IP address of your Synology NAS.
   • VPN type: Select Point to Point Tunneling Protocol(PPTP) or L2TP/IPsec with pre-shared key.
   • Pre-shared key (for L2TP/IPSec VPN only): Enter the IPSec pre-shared key.
   • Username: Enter the username of your DSM account.
   • Password: Enter the password of your DSM account.
3. Click Save to save this VPN profile.
4. Click on the VPN profile you just created and click Connect to connect to the VPN. Once the connection is established, you should be able to access resources shared within your Synology NAS's local network.
5. To disconnect, click the Network icon in the system tray. Select your VPN connection and click Disconnect.
   

Create a Windows registry key

This step is only required if your L2TP VPN server is located behind a NAT router. Press the Windows key+ C, type " regedit " in the search box, and press Enter or double-click regedit.

1. Click Yes to allow the Registry Editor to make changes to your device.
2. Type "Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent" in the search box of the Registry Editor window, or find the corresponding folder from the left panel.
   
3. Right-click on PolicyAgent, and select New > DWORD (32-bit) Value.
   
4. Type "AssumeUDPEncapsulationContextOnSendRule" and press Enter.
5. Right-click AssumeUDPEncapsulationContextOnSendRule and click Modify.
   
6. Enter "2" in the Value data boxfield, select Hexadecimal, and click OK.
   
7. Exit Registry Editor and restart your device.

Set up an OpenVPN connection

1. Download and install the application from OpenVPN's official site. In this example, we will use OpenVPN 3.2.2 to demonstrate how to set up OpenVPN VPN connections.
2. After the installation is complete, you can find OpenVPN GUI in the Start menu. Launch it as an administrator.
3. Export the configuration file from the OpenVPN tab on VPN Server. Extract the exported file. You should see the openvpn.ovpn and README.txt files.
4. Open openvpn.ovpn with a text editor and replace YOUR_SERVER_IP with the public IP address of your Synology NAS. If your Synology NAS is behind a NAT device, replace YOUR_SERVER_IP with the exact public IP address. If you wish to send all traffic over VPN, remove # from #redirect-gateway def1. Save the file after editing.
5. Put the openvpn.ovpn files into the config subdirectory under the OpenVPN directory (i.e., C:\Program Files\OpenVPN\config\).
6. Double-click the OpenVPN GUI icon in the system tray.
   
7. Use your DSM user credentials to connect to VPN Server.
8. Once the connection is established, you can click Disconnect to disconnect or Reconnect if your connection is interrupted.

Configure gateway settings for VPN clients

1. Open the Change adapter settings window.
   • For Windows 11: Select the Start button, then type Control Panel in the search bar. Select Network & internet > Network and Sharing Center > Change adapter and settings.
   • For Windows 10: Go to Control Panel > Network and Internet > Network and Sharing Center > Change adapter settings.
2. Right-click on your VPN connection and select Properties.
   
3. Switch to the Networking tab. Select Internet Protocol Version 4 (TCP /IPv4) and click Properties.
   
4. Click Advanced in the window that appears.
5. In the pop-up window, we recommend that you keep Use default gateway on remote network ticked under the IP Settings tab. Click OK when done.