Has anybody successfully set up L2TP IPSec VPN with Synology RT2600AAC using the macOS BUILT IN client?

as the title says…

spent 3 days trying to figure this out, no luck so far.

- yes I opened all ports used by L2TP IPSec (500, 4500, 1701)
- yes the password is correct
- yes the preshared key is correct
- yes I could use the Synology SSL VPN macOS client or OpenVPN but I want this without additional software

What exactly does not work? What failures do you see?

SSL vpn is much preferred for remote access. You will be very frustrated trying to make dns and ppp work properly over L2TP. Use SSL vpn and Viscosity as a client. Desire to avoid third party software is irrational.

I have personally gotten this to work

There’s also ZeroTier… it eliminates the entire headache of port forwarding and gives you a direct connection to the synology…

Otherwise, is your ISP blocking the open ports needed for L2TP?

This thread helped me find the answer. Sharing it here for anyone still looking for a solution. If I completely disable the firewall I learned that I was able to connect without the Error. If that is the case for you, reactivate the firewall and try:

  1. Double checking that you have firewall rules allowing custom ports UDP 500,4500,1701 (Control Panel > Security > Firewall > Firewall Profile > Edit Rules)
  2. Then create a port forwarding rule by built-in applications and select both VPN server rules 1701 & 500,4500 (Control Panel > External Access > Router Configuration).

I already had the firewall rules in place but it was adding the port forwarding rules that fixed the error for me after reading this thread and https://kb.synology.com/en-au/DSM/help/DSM/AdminCenter/connection_security_dos_vpnpassthrough?version=6
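An added example, not part of the post above or of any Synology tooling: a small probe that sends one IKEv1 Main Mode proposal to UDP 500 and reports whether anything answers, to tell "packets never reach the VPN server" apart from a credentials problem once the firewall and port forwarding rules are in place. The function names and the sample proposal (3DES, SHA-1, MODP-1024, pre-shared key) are assumptions; the server may reject that proposal, which still proves the port is reachable.

```python
import os
import socket
import struct
import sys


def build_ike_probe(cookie=None):
    """Build an IKEv1 Main Mode packet with one SA proposal (RFC 2408/2409)."""
    cookie = cookie or os.urandom(8)
    # Constructed sample proposal (an assumption, not the macOS client's own).
    # Attributes use the short TV form: (0x8000 | type, value).
    attrs = b"".join(struct.pack("!HH", 0x8000 | t, v) for t, v in [
        (1, 5),       # encryption: 3DES-CBC
        (2, 2),       # hash: SHA-1
        (3, 1),       # authentication: pre-shared key
        (4, 2),       # DH group 2 (MODP-1024)
        (11, 1),      # life type: seconds
        (12, 28800),  # life duration
    ])
    transform = struct.pack("!BBHBBH", 0, 0, 8 + len(attrs), 1, 1, 0) + attrs
    proposal = struct.pack("!BBHBBBB", 0, 0, 8 + len(transform), 1, 1, 0, 1) + transform
    sa = struct.pack("!BBHII", 0, 0, 12 + len(proposal), 1, 1) + proposal
    # Header: cookies, next payload 1 (SA), version 1.0, exchange 2 (Main Mode)
    header = cookie + bytes(8) + struct.pack("!BBBBII", 1, 0x10, 2, 0, 0, 28 + len(sa))
    return header + sa


def describe_reply(data, cookie):
    """Classify a datagram that came back from UDP 500."""
    if len(data) < 28 or data[:8] != cookie:
        return "not an ISAKMP reply to this probe"
    next_payload, _version, exchange = struct.unpack("!BBB", data[16:19])
    if exchange == 2 and next_payload == 1:
        return "proposal accepted (Main Mode SA reply); server is reachable"
    if exchange == 5:
        return "informational reply (proposal likely rejected); server is reachable"
    return f"ISAKMP reply, exchange type {exchange}; server is reachable"


def probe(host, port=500, timeout=3.0):
    """Send one probe; return a description of the reply, or None on silence."""
    cookie = os.urandom(8)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_ike_probe(cookie), (host, port))
            data, _ = s.recvfrom(4096)
        except OSError:  # includes timeouts and ICMP port-unreachable
            return None
    return describe_reply(data, cookie)


if __name__ == "__main__":
    print(probe(sys.argv[1]) or "no reply: UDP 500 filtered, not forwarded, or proposal dropped")
```

Run it from outside the LAN with the server address as the only argument. It tests UDP 500 only; silence matches the "server did not respond" symptom but can also mean the server dropped the sample proposal without answering.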

I had this problem and solved it by checking (Enable Mapping) on my router when enabling port forwarding for (500,1701,4500)

Hi, I’m aware this is an old post but did you ever manage to get it to work?

I get “The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.”

I added port forwards and firewall rules.

well I always prefer the built in solutions or at least install apps from the App Store.

I tried the Synology SSL VPN macOS client and it messes up the macOS DNS server settings when I switch from one SSL VPN connection to another (I have to manually correct the messed up DNS server settings to have connection again).

Unless you are short of money and don’t want to pay for continual major upgrades

how?

what am I missing?
- port forward 500, 4500 and 1701 set on Synology router
- firewall rules for 500, 4500, 1701 set on Synology router
- pre shared key set on Synology router

on macOS, I followed this guide: https://www.synology.com/en-global/knowledgebase/DSM/tutorial/Network/How_to_connect_to_Synology_s_VPN_Server_using_a_Windows_PC_or_Mac#t2.2

so entered my server address “domainname.com”
my user name: “User Name”
Authentication settings, password is the password for my user account on Synology router. For the shared secret I entered the “pre shared key” from my Synology router.

When connect I get “The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.”

am I missing something? and I get the same error message when I enter a wrong password purposely. So it seems the connection request does not even reach the Synology router.

I’ve gotten this to work as well, but found I needed to allow IPSec and l2tp traffic otherwise I get the same error on the MacOS native client.

I followed this: https://www.synology.com/en-global/knowledgebase/SRM/tutorial/VPN/What_should_I_do_if_I_fail_to_set_up_an_L2TP_connection

and tried connecting via the router’s private IP. Still couldn’t connect so something is definitely wrong with the settings on the router. (I’m in the same LAN).

I did, but I don’t remember what I did to make it work, but it is certainly possible.
I switched to Mikrotik since then.

I get “The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.”

How many characters do you have in shared secret?
What is in the connection log on synology side?

well I always prefer the built in solutions or at least install apps from the App Store.

That is counterproductive. Built-in basic solutions will never work better than a product from a company that specializes in that single product.

With L2TP you cannot push dns configuration. At all. It’s not possible to configure split tunnel with a lot of manual setup and scripting either. Have a look at VPN Tracker. This company solely exists to automate vpn configuration process.

In case of synology’s PPP the netmask is not provisioned correctly either.

I tried the Synology SSL VPN macOS client

That’s garbage. Synology makes storage devices. Why would you think that their vpn client would be anything but trash?

and it messes up the macOS DNS server settings when I switch from one SSL VPN connection to another

That’s because it’s trash, see above.

(I have to manually correct the messed up DNS server settings to have connection again).

Use Viscosity. Follow this configuration guide (Synology produces a bad ovpn file, it is broken and they don’t fix it for the same reason — vpn server on a storage device is a built-in afterthought gimmick, and their router is plain consumer grade garbage. I’m tired of sugarcoating things so there you have it.): OpenVPN Split Tunnel on Synology Diskstation | Trinkets, Odds, and Ends. Anecdotally, I have used Viscosity for at least a decade, on multiple Macs and with concurrent vpn sessions, including to Synology. It just works, and configures itself from the ovpn file. What’s missing from the file (and if you use Synology’s ovpn template a lot will be missing) you can configure in the UI.

Have you tried the connection just to see if it will work if it is on LAN?

where do you allow this? thank you

Have you tested the public side?
https://www.grc.com/shieldsup

The shared secret is 13 characters long. It contains upper and lower case and numbers.
I don’t have any logs in the “Log” menu within the VPN Plus Server app.

I get your point, to be honest Synology SSL VPN worked well for me until I had to switch back and forth between two different SSL VPN connections, then it became a mess.
I would give Viscosity a try but it’s not available in the App Store.

ok I might give in… I really need this to work and I cannot figure it out so I might get Viscosity

But I prefer open source so how about Tunnelblick? Does Viscosity require installation? (Tunnelblick does not).

Thanks!

I just tried, I get the same result. The Synology SSL VPN on the same router works just fine