Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




2683 posts

Uber Geek

Trusted

# 215417 26-Jun-2017 18:05
Send private message

Hi guys, I've been trying to set up my Synology NAS to do L2TP VPN but can't seem to get the ports open for L2TP VPN on the Unifi USG. Basically, I've been into the Port Forward properties of the USG under the Configuration tab and configured the port forwards as such:

 

Click to see full size

 

And my WAN IN Firewall page looks like this:

 

Click to see full size

 

Yet when I go to canyouseeme.org, ports 500, 1701, and 4500 are not open according to it.

 

I believe I have set up the VPN correctly on the Synology NAS because if I connect to the VPN on Windows 10 via its internal IP address, it connects just fine. I am trying to connect to the VPN via its DDNS name externally.

 

Any help appreciated thanks!





Create new topic


2683 posts

Uber Geek

Trusted

  # 1807964 27-Jun-2017 23:22
Send private message

Anybody please?





Mr Snotty
8915 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1807967 28-Jun-2017 00:05
Send private message

Looks correct to me however I suspect the USG may be interfering with the traffic seeing it too can run a VPN server. How about running it on the USG itself and using Radius to provision users?

 

 

You'll need to enable RADIUS on the USG or run this on the Synology (either way works - the USG is likely easier). The USG will however only do 10Mbit over its VPN.





 
 
 
 


2459 posts

Uber Geek


  # 1807969 28-Jun-2017 00:07
Send private message

Are you sure your ISP is assigning you a public IP address on your WAN side?

 

Otherwise enable logging on the USG firewall and your VPN endpoint and see where the packets are getting to/if there are any errors popping up anywhere?

 


1032 posts

Uber Geek

Trusted

  # 1807973 28-Jun-2017 00:17
Send private message

Are you sure about your TCP & UDP protocol selection for the ports?





Please keep this GZ community vibrant by contributing in a constructive & respectful manner.




2683 posts

Uber Geek

Trusted

  # 1808225 28-Jun-2017 14:02
Send private message

@michaelmurfy I'm still on controller version 5.4.x so it doesn't have the GUI for setting up a VPN yet. How stable is version 5.5.x?

 

@kyhwana2 Yes, should be. I'm with Slingshot. I used to be able to connect to the exact same setup (or at least I think it's the exact same setup), until I connected to an external VPN from my Synology NAS. So I disconnected from it, and now it doesn't work. DDNS is also set up on the Synology with my updated public IP address.

 

@IcI I've got it to open UDP ports, which I'm sure is what L2TP needs.





Mr Snotty
8915 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1808274 28-Jun-2017 15:06
Send private message

I'm running it on the GZ controller if that answers your question :) it is a stable candidate.






2683 posts

Uber Geek

Trusted

  # 1808462 28-Jun-2017 19:35
Send private message

Do you know when it will be officially released?





 
 
 
 




2683 posts

Uber Geek

Trusted

  # 1808469 28-Jun-2017 19:42
Send private message

Also, why will the USG only do 10Mbit over VPN?





Mr Snotty
8915 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1808481 28-Jun-2017 20:02
Send private message

sonyxperiageek:

 

Do you know when it will be officially released?

 

 

Standard Ubiquiti style - when they get around to it. I normally use stable candidates as they're still considered stable but under active development. The official "stable" builds are quite old.

 

sonyxperiageek:

 

Also, why will the USG only do 10Mbit over VPN?

 

It is not offloaded - handled by the processor instead.







2683 posts

Uber Geek

Trusted

  # 1808484 28-Jun-2017 20:06
Send private message

 

 

michaelmurfy:

 

sonyxperiageek:

 

Also, why will the USG only do 10Mbit over VPN?

 

It is not offloaded - handled by the processor instead.

 

 

Ah, wonder if the Synology will do more than 10Mbit... 





Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Chorus to launch Hyperfibre service
Posted 18-Nov-2019 15:00


Microsoft launches first Experience Center worldwide for Asia Pacific in Singapore
Posted 13-Nov-2019 13:08


Disney+ comes to LG Smart TVs
Posted 13-Nov-2019 12:55


Spark launches new wireless broadband "Unplan Metro"
Posted 11-Nov-2019 08:19


Malwarebytes overhauls flagship product with new UI, faster engine and lighter footprint
Posted 6-Nov-2019 11:48


CarbonClick launches into Digital Marketplaces
Posted 6-Nov-2019 11:42


Kordia offers Microsoft Azure Peering Service
Posted 6-Nov-2019 11:41


Spark 5G live on Auckland Harbour for Emirates Team New Zealand
Posted 4-Nov-2019 17:30


BNZ and Vodafone partner to boost NZ Tech for SME
Posted 31-Oct-2019 17:14


Nokia 7.2 available in New Zealand
Posted 31-Oct-2019 16:24


2talk launches Microsoft Teams Direct Routing product
Posted 29-Oct-2019 10:35


New Breast Cancer Foundation app puts power in Kiwi women's hands
Posted 25-Oct-2019 16:13


OPPO Reno2 Series lands, alongside hybrid noise-cancelling Wireless Headphones
Posted 24-Oct-2019 15:32


Waikato Data Scientists awarded $13 million from the Government
Posted 24-Oct-2019 15:27


D-Link launches Wave 2 Unified Access Points
Posted 24-Oct-2019 15:07



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.