QNAP Systems Ts 253 User Guide
Have a look at the manual QNAP Systems Ts 253 User Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 1 QNAP Systems manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
271 4. Join a Second NAS to LDAP Domain: You can join multiple NAS to the same LDAP domain and allow the LDAP users to connect to these NAS using the same login credentials. To join another NAS to the LDAP domain, login to the NAS and go to Privilege > Domain Security, select LDAP authentication and set LDAP server of a remote NAS as the server type. Enter the DNS name or IP address of the remote NAS, the name of the previously-created LDAP domain, and enter the LDAP server password. Click Apply. Backing up/Restoring LDAP Database To back up the LDAP database on the NAS, select Back up Database and specify the backup frequency, destination folder on the NAS and other options. To restore an LDAP database, browse to select the *.exp file and click Import. Note: If the name of a user is changed in a LDAP server, it is necessary to assign the folder permissions again on the NAS. To avoid account conflicts, do not create NAS local user accounts that already exist in the LDAP directory.
272 QVPN Service The NAS supports Virtual Private Network (VPN) service for users to access the NAS and resources on a private network from the Internet. Use QVPN Service to set up your NAS as a VPN server and establish a VPN client connection. In this chapter, the following topics are covered: VPN Server Setup Third Party VPN Client Setup and Connection Privilege Settings Connection List Connect a VPN Server via PPTP Connect a VPN Server via OpenVPN Connect a VPN Server via L2TP/IPSec Logs
273 VPN Server Setup 1. Enable PPTP, OpenVPN, or L2TP/IPSec: The NAS supports PPTP, OpenVPN or L2TP/IPSec for VPN connection. Select one of the following options and configure the settings. o PPTP: Point-to-Point Tunneling Protocol (PPTP) is one of the most commonly used methods for VPN connection. It is natively supported by Windows, Mac, Linux, Android, and iPhone. You can also specify the VPN client IP pool and advanced settings (including the maximum number of clients, authentication protocol, encryption method, network interface and DNS server). o OpenVPN: OpenVPN is an open source VPN solution which utilizes SSL encryption for secure connection. To connect to the OpenVPN server, the OpenVPN client must be installed on your PC. Click Download Configuration File to download the VPN client settings, certificate/key and installation guide from the NAS and upload the files to the OpenVPN client. You can also specify the VPN client IP pool and advanced settings (including the VPN server port, maximum number of clients, encryption method, network interface, DNS server, and whether to use the redirect-gateway and compressed data before their transfer via VPN). o L2TP/IPSec: L2TP (Layer Two Tunneling Protocol) is a combination of the Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Forwarding (L2F). Compared to PPTP, which only establishes a single tunnel between the two end points, L2TP supports the use of multiple tunnels. IPSec is often used to secure L2TP packets by providing confidentiality, authentication and integrity checks. The combination of these two protocols provides a high-security VPN solution which is known as L2TP/IPSec. L2TP/IPSec is supported by most clients, including Windows, Mac, Linux, and mobile devices. 2. Configure port forwarding by auto router configuration: The NAS supports auto port forwarding for UPnP (Universal Plug-and-Play network protocol) routers. Go to myQNAPcloud > Auto Router Configuration to enable UPnP port forwarding and open the ports of the PPTP, OpenVPN or L2TP/IPSec service on the router. 3. Register myQNAPcloud service: You can connect to the NAS by WAN IP or myQNAPcloud name. To configure myQNAPcloud service, check the chapter on myQNAPcloud Service or visit myQNAPcloud (https://www.myqnapcloud.com). 4. Add VPN users: Go to QVPN Service > Privilege Settings, click Add VPN Users. The local NAS users will be listed. Select the users who are allowed to use the VPN service and their connection method (PPTP, OpenVPN or L2TP/IPSec, multiple methods are also allowed). Click Add. 5. Connect to the private network by a VPN client device: Now you can use your VPN client device to connect to the NAS via the VPN service.
274 Notes: The default NAS IP is 10.0.0.1 under PPTP VPN connection. Upload the configuration file to the OpenVPN client every time the OpenVPN settings, myQNAPcloud name, or the secure certificate is changed. To connect to the PPTP or L2TP/IPSec server on the Internet, the PPTP or L2TP/IPSec passthrough options on some routers have to be opened. PPTP uses only port TCP-1723 and L2TP/IPSec uses UDP 500, 1701 and 4500; forward those ports manually if your router does not support UPnP.
275 Third-Party VPN Client Setup and Connection PPTP on Windows 8 1. Go to Control Panel > Network and Sharing Center. 2. Select Set up a new connection or network. 3. Select Connect to a workplace and click Next. 4. Select Use my Internet connection (VPN). 5. Enter your myQNAPcloud name or IP address in “Internet address”. 6. Enter a name for the connection in “Destination name”. 7. Click Create. 8. Go to “Control Panel” > “Network and Sharing Center” > “Change adapter settings”. 9. Right-click the VPN connection and then select “Properties”. 10. Enter “Security” page, select the “Type of VPN” as PPTP. 11. Click “OK”. PPTP on Mac OS X 10.10 1. Go to Apple menu > System Preferences, and click Network. 2. Click Add (+) at the bottom of the list, and choose VPN as the interface. 3. Select “Add new service (+)” and choose “VPN” in “Interface”. 4. Select “PPTP” in “VPN Type”. 5. Enter a name for the connection in “Service Name”. 6. Enter your myQNAPcloud name or IP address in “Server Address” and your QNAP NAS user name in “Account Name”. 7. Click “ Authentication Settings” and then enter the password and preshared key. 8. Click “Connect”. PPTP on Android 5.0 1. Go to “Settings” > “VPN”. Click “Add VPN profile”.
276 2. Enter “Name” and select “PPTP”. 3. Click the VPN profile and enter your username and password to start the connection. OpenVPN on Windows 1. Download OpenVPN from http://openvpn.net/index.php/open-source/downloads.html/. 2. Install the OpenVPN client on Windows. The default installation directory is C:\Program Files\OpenVPN. 3. Download the settings files from your QNAP NAS, including the certification file “ca.crt” and the configuration file “openvpn.ovpn”. 4. Open “openvpn.ovpn” and replace “OPENVPN_SERVER_IP” with your NAS IP address. 5. Place “ca.crt” and “openvpn.ovpn” in the folder C:\Program Files\OpenVPN\config. 6. Use an administrator account to launch OpenVPN and activate the connection. Note: If the OpenVPN client is running on Windows 7, add the firewall rules in the advanced settings of OpenVPN.
277 OpenVPN on Mac OS X 10.11 1. Download and install Tunnelblick from https://tunnelblick.net/. 2. Launch Tunnelblick. 3. Download the settings files from your QNAP NAS, including the certification file “ca.crt” and the configuration file “openvpn.ovpn”. 4. Open “openvpn.ovpn” and replace “OPENVPN_SERVER_IP” with your NAS IP address. 5. Double-click the configuration file (or right-click and import the file with Tunnelblick). The certification file will be imported automatically. 6. Click “Connect”. 7. Enter your NAS username and password. OpenVPN on iOS 9 1. Install OpenVPN Connect from https://itunes.apple.com/us/app/openvpn-connect/id590379981?mt=8. 2. Download the settings files from your QNAP NAS, including the certification file “ca.crt” and the configuration file “openvpn.ovpn”. 3. Open “openvpn.ovpn” and replace “OPENVPN_SERVER_IP” with your NAS IP address. 4. Open the configuration file with OpenVPN Connect. Tip: You can send the file to your email address and open it on your device, or you can send the file to the OpenVPN folder via PC with a third-party application such as “iTools for Windows”. 5. Enter your NAS username and password If you have imported the configuration file to the OpenVPN folder you will see it in OpenVPN Connect. Note: Ensure this option on your iOS device is enabled: “Settings” > ”OpenVPN” > “Advanced Settings” > ”Force AES-CBC cipher suites”.
278 OpenVPN on Android 5.0 1. Install OpenVPN Connect from https://play.google.com/store/apps/details?id=net.openvpn.openvpn&hl=en. 2. Download the settings files from your QNAP NAS, including the certification file “ca.crt” and the configuration file “openvpn.ovpn”. 3. Open “openvpn.ovpn” and replace “OPENVPN_SERVER_IP” with your NAS IP address. 4. Import your settings files to the folder on your Android device. 5. Launch OpenVPN Connect and select Import in the top-right menu. Find and import the configuration file, and then follow the instructions for importing the certification file. 6. Enter your NAS username and password. OpenVPN on Windows 1. Download and install OpenVPN from http://openvpn.net/index.php/open-source/downloads.html/. The default folder for the installation is C:\Program Files\OpenVPN. 2. Download the settings files from your QNAP NAS, including the certification file “ca.crt” and the configuration file “openvpn.ovpn”. 3. Open “openvpn.ovpn” and replace “OPENVPN_SERVER_IP” with your NAS IP address. 4. Place “ca.crt” and “openvpn.ovpn” in the folder C:\Program Files\OpenVPN\config. 5. Use an administrators account to launch OpenVPN and activate the connection. L2TP/IPSec on Windows 8 1. Go to “Control Panel” > “Network and Internet” > “Network and Sharing Center” and select “Set up a new connection or network”. 2. Select “Connect to a workplace”. 3. Select “Use my Internet connection (VPN)”. 4. Enter your myQNAPcloud name or IP address in “Internet address”. 5. Enter a name for the connection in “Destination name”. 6. Go to “Control Panel” > “Network and Sharing Center” > “Change adapter settings”.
279 7. Right-click the VPN connection and select “Properties”. 8. Go to “Security”, select the “Type of VPN” as L2TP/IPSec, and then click “Advanced settings”. 9. Select “Use preshared key for authentication” and enter the same key as the server’s settings. You can now connect to the VPN. Note: If your NAS is behind a NAT router, use the following configuration: https://support.microsoft.com/en-us/kb/926179.
280 L2TP/IPSec on Mac OS X10.10 1. Go to “System Preferences” > “Network”. 2. Select “Add new service (+)” and choose “VPN” in “Interface”. 3. Select “L2TP/IPSec” in “VPN Type”. 4. Enter a name for the connection in “Service Name”. 5. Enter your myQNAPcloud name or IP address in “Server Address” and your QNAP NAS user name in “Account Name”. 6. Click “Authentication Settings”, and enter the password and preshared key. 7. Click “Connect”. L2TP/IPSec on Android 5.0 1. Go to “Settings” > “VPN”. 2. Click “Add VPN profile”. 3. Enter “Name” and choose the type as “L2TP/IPSec PSK”. 4. Enter “IPSec Pre-shared key”. 5. Click the VPN profile and enter your username and password. L2TP/IPSec on iOS 8 1. Go to “Settings” > “General” > “VPN”. 2. Choose “Add VPN Configuration…”. 3. Select “L2TP”. 4. Enter a name for the connection in “Destination”. 5. Enter the myQNAPcloud name or IP address in “Server”. 6. Enter your QNAP NAS username, password and preshared key. 7. Go to “Settings” > “General” > “VPN” to connect to the VPN.