TIP needed: How to set up a VPN for remote access

lights · October 26, 2022, 8:35pm

I run Channels Server on a Synology DS220+. Since I set this up, I joined the Synology subreddit and have seen a troublesome number of reports of attacks on Synology NAS devices. When I asked on the sub how I can secure my Synology and still remotely watch TV, other Synology users suggested a VPN such as Tailscale

Is anyone running such a setup? It so, I could use some tips.

A key scenario for me is to be able to access Channels on Apple TV clients in my second home. I achieve this by opening up a port on Home 1’s router, but according to the advice I received on the Synology subreddit, this is inadvisable.

In a hypothetical VPN setup, I’d like to make my Channels Server (and no other devices) available on both networks. I fear simply bridging the entirety of the two homes’ networks would create chaos, as both have extensive but separate HomeKit setups with identically names devices such as “Living Room HomePods” and “Bedroom Apple TV” etc.

Any advice on how to achieve this would be fantastic.

chDVRuser · October 26, 2022, 8:44pm

And in that thread

marcuscthomas · October 26, 2022, 9:48pm

I have a Synology NAS and have seen many efforts to brute force attack it. I'd suggest a number of things. 1) implement two factor authentication, 2) use a complex password, 3) disable the admin account and most importantly, 4) add a firewall security device to monitor your network. You can lock down your NAS device pretty easily, but if you leave various other servers (eg., PLEX, Channels DVR, Calibre, etc) running on the NAS, they each have their own open ports and respond to login attempts and other requests. I have a number of IOT devices (e.g., NEST thermostats, Echo devices, Weather Station, Robot vacuum cleaner, etc) and i have no idea what they may be doing. My suggestion is to buy a firewall device to monitor and control network flows. With a good firewall appliance (I'd suggest Firewalla Purple) you can segment the network to take IOT devices off your private LAN space and tightly control access to other devices. These devices will also have a built-in VPN server on them.

Scott_Malcolm · December 18, 2022, 8:59am

How did you add this? I have TestFlight on my atv but I am struggling to get tailscale installed. Any help would be appreciated

chDVRuser · December 18, 2022, 7:11pm

I don't have an ATV. I enables it on the Channels app on my iPhone.
Did you read the topic thread?

system · December 18, 2023, 7:12pm

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.