Skip to main content
Version: TOS 7

VPN Connection

You can easily turn TNAS into a VPN client and connect to an existing VPN (Virtual Private Network) server via PPTP, OpenVPN, or L2TP/IPSec.

Supported VPN Protocol Types

  • PPTP: PPTP (Point-to-Point Tunneling Protocol) is a commonly used VPN solution, and most clients (including Windows, Mac, Linux, and mobile devices) support the PPTP protocol.
  • OpenVPN: OpenVPN is an open-source VPN service solution. It protects VPN connections using SSL/TLS encryption.
  • L2TP/IPSec: L2TP (Layer 2 Tunneling Protocol) with IPSec provides a more secure virtual private network, and it is supported by most clients (Windows, Mac, Linux, and mobile devices).

Configuration Methods for Each VPN Protocol Type

PPTP Protocol

  1. Select PPTP and click "Next".
  2. Choose a name for the new configuration profile, specify the address of the VPN server to connect to, enter your username and password for that server, then click "Next" to continue.
  3. From the authentication dropdown menu, select one of the following authentication methods to protect the VPN client password during authentication:
    PAP: The password will not be encrypted during verification.
    CHAP: The password will be encrypted using CHAP (Challenge-Handshake Authentication Protocol).
    MS CHAP: The password will be encrypted using Microsoft CHAP Version 1.
    MS CHAP v2: The password will be encrypted using Microsoft CHAP Version 2.
    If you select MS CHAP or MS CHAP v2, choose one of the following options from the encryption menu to encrypt the VPN connection:
    No MPPE: The VPN connection will not be protected by Microsoft Point-to-Point Encryption.
    Require MPPE (40/128 bit): The VPN connection will be protected by 40-bit or 128-bit Microsoft Point-to-Point Encryption.
    Maximum MPPE (128 bit): The VPN connection will be protected by 128-bit Microsoft Point-to-Point Encryption, which provides the highest level of security.
  4. Based on your needs, check any of the following checkboxes:
    Use default gateway of the remote network: Enabling this option routes TNAS's network traffic to the specified VPN server.
    Reconnect when VPN connection is lost: If the VPN connection is unexpectedly lost, the system will attempt to reconnect every 30 seconds (up to five times).
  5. Click "Apply" to complete the setup.

OpenVPN Protocol

  1. Select "OpenVPN" and click "Next".
  2. Choose a name for the new configuration profile, specify the address of the VPN server to connect to, and enter your username and password for that server.
  3. In the "CA Certificate" section, click the "Browse" button to import the certificate file exported from the VPN server (e.g., ca.crt), then click "Next".
  4. Based on your needs, check any of the following checkboxes:
    Enable VPN connection compression: Compresses data during transmission, so data transferred between the VPN client and server is compressed. This option can improve transmission speed but may consume more system resources.
    Use default gateway of the remote network: Enabling this option routes TNAS's network traffic to the specified VPN server.
    Reconnect when VPN connection is lost: If the VPN connection is unexpectedly lost, the system will attempt to reconnect every 30 seconds (up to five times).
  5. Click "Apply" to complete the setup.

OpenVPN (via Importing .ovpn File) Protocol

  1. Select OpenVPN (via Importing .ovpn File) and click "Next".
  2. Name the new configuration profile, then in the "Import .ovpn File" section, click the "Browse" button to import the .ovpn file exported from the VPN server.
  3. Enter the following information provided by the VPN server administrator: your username, password, and import the "CA Certificate" file (e.g., ca.crt), then click "Next".
  4. Based on your needs, check any of the following checkboxes:
    Use default gateway of the remote network: Enabling this option routes TNAS's network traffic to the specified VPN server.
    Reconnect when VPN connection is lost: If the VPN connection is unexpectedly lost, the system will attempt to reconnect every 30 seconds (up to five times).
  5. Click "Apply".

L2TP/IPSec Protocol

  1. Select "L2TP/IPSec" and click "Next".
  2. Choose a name for the new configuration profile, specify the address of the VPN server to connect to, and enter your username and password for that server. You also need to enter the pre-shared key for the VPN server, then click "Next".
  3. From the "Authentication" dropdown menu, select one of the following authentication methods to protect the VPN client password during authentication:
    PAP: The password will not be encrypted.
    CHAP: The password will be encrypted using CHAP (Challenge-Handshake Authentication Protocol).
    MS CHAP: The password will be encrypted using Microsoft CHAP Version 1.
    MS CHAP v2: The password will be encrypted using Microsoft CHAP Version 2.
  4. Based on your needs, check any of the following checkboxes:
    Use default gateway of the remote network: Enabling this option routes TNAS's network traffic to the specified VPN server.
    Reconnect when VPN connection is lost: If the VPN connection is unexpectedly lost, the system will attempt to reconnect every 30 seconds (up to five times).
  5. Click "Apply".
Note
  1. The VPN server's username, password, address, and certificates should be provided by the VPN server administrator.
  2. The authentication and encryption settings must match the settings on the VPN server. For details, please contact your VPN server administrator.