Release Notes for VPN Server

VPN Server offers an easy VPN solution that turns your Synology product into a VPN server, providing a secure method to connect to a private LAN at a remote location. All PPTP, OpenVPN, and L2TP/IPSec services are supported.

Version: 1.4.6-2892


(2022-03-24)

Fixed Issues

  1. Fixed an issue where after updating to DSM 7.1, VPN-related firewall rules were not automatically enabled when the NAS is restarted, resulting in connection failure.

Version: 1.4.5-2880


(2022-02-17)

Compatibility and Installation

  1. This version is only compatible with DSM 7.1 Beta or above.

Fixed Issues

  1. Fixed an issue where OpenVPN might still occupy Port 443 after being disabled.
  2. Fixed an issue where the account field required the domain name to verify domain users.
  3. Fixed multiple security vulnerabilities (CVE-2020-28194, CVE-2020-15078, and CVE-2021-3712).
  4. Minor bug fixes.

Version: 1.4.4-2855


(2021-08-31)

What's New

  1. Added support for the verification of server CN and TLS auth keys to enhance the security of OpenVPN connections.

Fixed Issues

  1. Fixed an issue where the exported OpenVPN configuration file might contain the wrong certificate chain when using Let's Encrypt, preventing the client from connecting.
  2. Fixed an issue where using Synology Directory Server on DSM 7.0 will cause domain users to fail to sign in to L2TP VPN.
  3. Fixed an issue where users would be unable to connect with OpenVPN if a root certificate was used as an intermediate certificate.
  4. Fixed an issue where certificate parsing might fail if the root certificate contained special characters.
  5. Fixed a security vulnerability regarding OpenVPN (CVE-2020-15078).
  6. Minor bug fixes.

Version: 1.4.3-2838


(2021-07-20)

Important Note

1.The current DST Root CA X3 root certificate used by Let's Encrypt will expire at the end of September. To ensure continued connectivity, please update the package and re-export the configuration file to your OpenVPN client as soon as possible.

Fixed Issues

1.Fixed an issue where the exported OpenVPN configuration file might contain the wrong certificate chain when using Let's Encrypt, preventing the client from connecting.

Version: 1.4.2-2837


(2021-06-01)

Compatibility and Installation

  1. Updated to be compatible with DSM 7.0.

What's New

  1. Added a field for modifying the mssfix parameter of OpenVPN.

Version: 1.3.14-2782


(2021-10-05)

Fixed Issues

  1. Fixed an issue where using the root certificate as an intermediate certificate would cause a connection failure on OpenVPN.
  2. Fixed an issue where certificate parsing might fail if the root certificate contained special characters.

Version: 1.3.13-2781


(2021-07-20)

Important Note

1.The current DST Root CA X3 root certificate used by Let's Encrypt will expire at the end of September. To ensure continued connectivity, please update the package and re-export the configuration file to your OpenVPN client as soon as possible.

Fixed Issues

1.Fixed an issue where the exported OpenVPN configuration file might contain the wrong certificate chain when using Let's Encrypt, preventing the client from connecting.

Version: 1.3.12-2780


(2021-02-23)

Important Note

This update is expected to be available in all regions within the next few days. The actual time of release may vary slightly depending on regions.

Fixed Issues

  1. Fixed the issue where L2TP VPN service might not function properly when Synology NAS is in a high-availability cluster.
  2. Fixed the issue where the status of domain users might not be displayed correctly at VPN Server > Privilege.
  3. Minor bug fixes.

Version: 1.3.11-2777


(2020-04-28)

Fixed Issues

  1. Minor bug fixes.

Version: 1.3.10-2772


(2019-12-26)

Updated to be compatible with SA3200D.

Version: 1.3.9-2770


(2018-08-29)

Fixed issues

  1. Fixed an issue where the network interface used for access to an L2TP server might be disconnected when VPN Server package is stopped.

  2. Fixed an issue where OpenVPN might not work properly.

  3. Fixed an issue where AES-256-CBC and SHA512 might not be set as default in OpenVPN.

  4. Fixed an issue where L2TP might not work properly.

Version: 1.3.8-2769


(2018-05-23)
  1. Thai user interface is now available.

  2. You will now receive a warning message when enabling the PPTP service.

  3. Fixed an issue where OpenVPN might not work properly when the "Allow clients to access server's LAN" option is enabled and the DSM, meanwhile, is in a high-availability cluster.

Version: 1.3.7-2766


(2018-03-20)
  1. Fixed an issue where OpenVPN might fail to allocate IP addresses.

Version: 1.3.6-2765


(2017-12-13)
  1. Fixed an issue where it might take longer than usual to install the package.

  2. Fixed an issue where the L2TP service might not be accessible from a Mac client when being accessed by an Android client.

Version: 1.3.6-2764


(2017-10-05)
  1. Removed MDC2 and RSA-MDC2 from the authentication options for OpenVPN.

  2. Minor bug fixes.

Version: 1.3.5-2762


(2017-07-26)
  1. Fixed an issue where OpenVPN might not work properly when a third-party certificate is employed without being imported to the browser.
  2. Minor bug fixes

Version: 1.3.5-2761


(2017-06-20)
  1. Fixed an issue where OpenVPN might not work properly after certification update or change.
  2. Fixed an issue where PPTP and L2TP services might not work properly.

Version: 1.3.5-2759


(2017-04-25)
  1. Fixed an issue where domain users might fail to connect to the PPTP server.
  2. Fixed an issue where VPN Server might fail to be enabled.

Version: 1.3.5-2757


(2017-02-21)

What's new

  1. You can now check the occupation of ports for PPTP/L2TP.
  2. You can now change the cipher for OpenVPN.

Bug fixes

  1. Fixed an issue where OpenVPN might still occupy the port 443 when disabled.

Version: 1.3.5-2753


(2017-01-04)
  1. Authentication config file will change automatically according to the encryption type of LDAP user.
  2. Fixed an issue where L2TP could not establish connection in kernel 4.4.

Version: 1.3.3-2748


(2016-08-18)
  1. Supports port 443 for OpenVPN connections.
  2. Minor bug fixes.

Version: 1.3.2-2738


(2016-06-28)
  1. Fixed an issue where PPTP services might fail on certain Synology NAS models after upgrading to DSM 6.0.1.

Version: 1.3.1-2737


(2016-06-06)
  1. Fixed an issue where PPTP and L2TP connections might fail in certain situations.
  2. Fixed an issue where warning messages of IP conflicts might not appear in certain situations.
  3. Minor bug fixes.

Version: 1.3.0-2734


(2016-04-26)
  1. Fixed an L2TP/IPSec connection compatibility issue with Android 6.0 devices.
  2. Fixed an issue where established PPTP link will disconnect because the assigned IP address has changed after update.
  3. Fixed an issue where PPTP and L2TP connections become unstable and lose speed after update.
  4. Fixed an issue where changing the openVPN certificate might fail.
  5. Fixed an issue where VPN Server might not be accessed after DDNS daily update.

Version: 1.2-2725


(2016-03-29)
  1. Upgraded to be compatible with DSM 6.0.

Version: 1.4.6-2892


(2022-03-24)

Fixed Issues

  1. Fixed an issue where after updating to DSM 7.1, VPN-related firewall rules were not automatically enabled when the NAS is restarted, resulting in connection failure.

Version: 1.4.5-2880


(2022-02-17)

Compatibility and Installation

  1. This version is only compatible with DSM 7.1 Beta or above.

Fixed Issues

  1. Fixed an issue where OpenVPN might still occupy Port 443 after being disabled.
  2. Fixed an issue where the account field required the domain name to verify domain users.
  3. Fixed multiple security vulnerabilities (CVE-2020-28194, CVE-2020-15078, and CVE-2021-3712).
  4. Minor bug fixes.

Version: 1.3.14-2782


(2021-10-05)

Fixed Issues

  1. Fixed an issue where using the root certificate as an intermediate certificate would cause a connection failure on OpenVPN.
  2. Fixed an issue where certificate parsing might fail if the root certificate contained special characters.

Version: 1.4.4-2855


(2021-08-31)

What's New

  1. Added support for the verification of server CN and TLS auth keys to enhance the security of OpenVPN connections.

Fixed Issues

  1. Fixed an issue where the exported OpenVPN configuration file might contain the wrong certificate chain when using Let's Encrypt, preventing the client from connecting.
  2. Fixed an issue where using Synology Directory Server on DSM 7.0 will cause domain users to fail to sign in to L2TP VPN.
  3. Fixed an issue where users would be unable to connect with OpenVPN if a root certificate was used as an intermediate certificate.
  4. Fixed an issue where certificate parsing might fail if the root certificate contained special characters.
  5. Fixed a security vulnerability regarding OpenVPN (CVE-2020-15078).
  6. Minor bug fixes.

Version: 1.4.3-2838


(2021-07-20)

Important Note

1.The current DST Root CA X3 root certificate used by Let's Encrypt will expire at the end of September. To ensure continued connectivity, please update the package and re-export the configuration file to your OpenVPN client as soon as possible.

Fixed Issues

1.Fixed an issue where the exported OpenVPN configuration file might contain the wrong certificate chain when using Let's Encrypt, preventing the client from connecting.

Version: 1.3.13-2781


(2021-07-20)

Important Note

1.The current DST Root CA X3 root certificate used by Let's Encrypt will expire at the end of September. To ensure continued connectivity, please update the package and re-export the configuration file to your OpenVPN client as soon as possible.

Fixed Issues

1.Fixed an issue where the exported OpenVPN configuration file might contain the wrong certificate chain when using Let's Encrypt, preventing the client from connecting.

Version: 1.4.2-2837


(2021-06-01)

Compatibility and Installation

  1. Updated to be compatible with DSM 7.0.

What's New

  1. Added a field for modifying the mssfix parameter of OpenVPN.

Version: 1.3.12-2780


(2021-02-23)

Important Note

This update is expected to be available in all regions within the next few days. The actual time of release may vary slightly depending on regions.

Fixed Issues

  1. Fixed the issue where L2TP VPN service might not function properly when Synology NAS is in a high-availability cluster.
  2. Fixed the issue where the status of domain users might not be displayed correctly at VPN Server > Privilege.
  3. Minor bug fixes.

Version: 1.3.11-2777


(2020-04-28)

Fixed Issues

  1. Minor bug fixes.

Version: 1.3.10-2772


(2019-12-26)

Updated to be compatible with SA3200D.

Version: 1.3.9-2770


(2018-08-29)

Fixed issues

  1. Fixed an issue where the network interface used for access to an L2TP server might be disconnected when VPN Server package is stopped.

  2. Fixed an issue where OpenVPN might not work properly.

  3. Fixed an issue where AES-256-CBC and SHA512 might not be set as default in OpenVPN.

  4. Fixed an issue where L2TP might not work properly.

Version: 1.3.8-2769


(2018-05-23)
  1. Thai user interface is now available.

  2. You will now receive a warning message when enabling the PPTP service.

  3. Fixed an issue where OpenVPN might not work properly when the "Allow clients to access server's LAN" option is enabled and the DSM, meanwhile, is in a high-availability cluster.

Version: 1.3.7-2766


(2018-03-20)
  1. Fixed an issue where OpenVPN might fail to allocate IP addresses.

Version: 1.3.6-2765


(2017-12-13)
  1. Fixed an issue where it might take longer than usual to install the package.

  2. Fixed an issue where the L2TP service might not be accessible from a Mac client when being accessed by an Android client.

Version: 1.3.6-2764


(2017-10-05)
  1. Removed MDC2 and RSA-MDC2 from the authentication options for OpenVPN.

  2. Minor bug fixes.

Version: 1.3-2500


(2017-08-16)
  1. Upgraded OpenVPN to version 2.3.17.

  2. Fixed an issue where OpenVPN might not work properly when a third-party certificate is employed without being imported to the browser.

  3. VPN Server has reached the end of its life span on Synology Router. We recommend using VPN Plus Server to get access to future updates and technical support.

Version: 1.3.5-2762


(2017-07-26)
  1. Fixed an issue where OpenVPN might not work properly when a third-party certificate is employed without being imported to the browser.
  2. Minor bug fixes

Version: 1.3.5-2761


(2017-06-20)
  1. Fixed an issue where OpenVPN might not work properly after certification update or change.
  2. Fixed an issue where PPTP and L2TP services might not work properly.

Version: 1.3-2499


(2017-04-27)

Compatibility and Installation

  1. VPN Server 1.3-2499 can only be installed on Synology products running SRM 1.1.4 or later.

Version: 1.3.5-2759


(2017-04-25)
  1. Fixed an issue where domain users might fail to connect to the PPTP server.
  2. Fixed an issue where VPN Server might fail to be enabled.

Version: 1.3.5-2757


(2017-02-21)

What's new

  1. You can now check the occupation of ports for PPTP/L2TP.
  2. You can now change the cipher for OpenVPN.

Bug fixes

  1. Fixed an issue where OpenVPN might still occupy the port 443 when disabled.

Version: 1.3-2496


(2017-01-12)

Compatibility and Installation

  • VPN Server 1.3-2496 can only be installed on Synology products running SRM 1.1.3 or later.

What's New

  • VPN Server (SRM-compatible) is no longer under maintenance. It is recommended to migrate relevant settings and logs to VPN Plus Server for use.

Fixed Issues

  1. Fixed an issue where network access over L2TP/IPSec VPN might fail after router reboot.
  2. Minor bug fixes.

Version: 1.3.5-2753


(2017-01-04)
  1. Authentication config file will change automatically according to the encryption type of LDAP user.
  2. Fixed an issue where L2TP could not establish connection in kernel 4.4.

Version: 1.3-2490


(2016-12-21)
  1. VPN Server must be upgraded to the latest version to be compatible with SRM 1.1.1.

 

Version: 1.3.3-2748


(2016-08-18)
  1. Supports port 443 for OpenVPN connections.
  2. Minor bug fixes.

Version: 1.3-2479


(2016-07-19)
  1. Upgraded to be compatible with SRM 1.1.
  2. Fixed an issue where PPTP services will start automatically after upgrading SRM.
  3. Minor bug fixes.

Version: 1.3.2-2738


(2016-06-28)
  1. Fixed an issue where PPTP services might fail on certain Synology NAS models after upgrading to DSM 6.0.1.

Version: 1.3-2476


(2016-06-07)
  1. Upgraded to be compatible with SRM 1.1.

Version: 1.3.1-2737


(2016-06-06)
  1. Fixed an issue where PPTP and L2TP connections might fail in certain situations.
  2. Fixed an issue where warning messages of IP conflicts might not appear in certain situations.
  3. Minor bug fixes.

Version: 1.3.0-2734


(2016-04-26)
  1. Fixed an L2TP/IPSec connection compatibility issue with Android 6.0 devices.
  2. Fixed an issue where established PPTP link will disconnect because the assigned IP address has changed after update.
  3. Fixed an issue where PPTP and L2TP connections become unstable and lose speed after update.
  4. Fixed an issue where changing the openVPN certificate might fail.
  5. Fixed an issue where VPN Server might not be accessed after DDNS daily update.

Version: 1.3.0-2469


(2016-04-26)
  1. Fixed an L2TP/IPSec connection compatibility issue with Android 6.0 devices.
  2. Fixed an issue where established PPTP link will disconnect because the assigned IP address has changed after update.
  3. Fixed an issue where PPTP and L2TP connections become unstable and lose speed after update.
  4. Fixed an issue where VPN Server might not be accessed after DDNS daily update.

Version: 1.2-2725


(2016-03-29)
  1. Upgraded to be compatible with DSM 6.0.

Version: 1.2-2463


(2016-03-08)
  1. Enhanced transmission performance of PPTP/L2TP.
  2. You can now set the IP domain of PPTP/L2TP to be the same as the IP range specified in Network Center > Local Network (e.g., 192.168.1.x) without IP range overlap.
  3. Upgraded OpenVPN to version 2.3.10.

Version: 1.2-2459


(2016-01-13)
  1. Enhanced L2TP/IPSec server compatibility.
  2. Shortened VPN server startup time.
  3. Fixed an issue where LAN devices might not be accessible while OpenVPN server is enabled.

Version: 1.2-2456


(2015-12-10)
  1. Fixed an issue where VPN Server failed to sync with the certificate update in DSM.

Version: 1.2-2438


(2015-05-21)
  1. Fixed a connection issue with port 443.

Version: 1.2-2437


(2015-05-12)
  1. Enhanced security with AppArmor (on selected models with DSM 5.1 or above).
  2. Upgraded PPTPD to 1.4.0.
  3. Minor bug fixes.

Version: 1.2-2434


(2015-03-12)
  1. Enhanced security with AppArmor (on selected models with DSM 5.1 or above).
  2. Upgraded PPTPD to 1.4.0.
  3. Minor bug fixes.

Version: 1.2-2427


(2014-12-12)
  1. Upgraded to 2.3.6 to address a security vulnerability that allows remote authenticated users to initiate a denial of service (server crash) via a small control channel packet. (CVE-2014-8104).

Version: 1.2-2425


(2014-11-25)
  1. Logs will now be forwarded to Syslog Center.

Version: 1.2-2423


(2014-09-23)
  1. IPv6 is now supported for OpenVPN.
  2. Certified by Synology Trust Level.

Version: 1.2-2416


(2014-09-22)

Add DS415+ support

Version: 1.2-2415


(2014-06-04)

Improvements

  1. Upgraded OpenVPN to version 2.3.

Fixed Issues

  1. Fixed an issue where OpenVPN server service could not start if QuickConnect was enabled.

Version: 1.2-2414


(2014-04-29)

Read First

  1. It is required to first update DSM to the latest version then renew the SSL certificate.
  2. For detail instructions, please visit https://www.synology.com/support/security

Fixed Issues

  1. A vulnerability to allow remote attackers to obtain sensitive information from process memory. (CVE-2014-0160) After the package update is completed, you must update the SSL certificate exporting from DSM on your OpenVPN PC clients.

Version: 1.2-2318


(2014-04-16)

Read First

  1. It is required to first update DSM to the latest version then renew the SSL certificate.
  2. For detail instructions, please visit https://www.synology.com/support/security

Fixed Issues

  1. A vulnerability to allow remote attackers to obtain sensitive information from process memory. (CVE-2014-0160) After the package update is completed, you must update the SSL certificate exporting from DSM on your OpenVPN PC clients.

Version: 1.2-2412


(2014-03-10)
  1. Updated to be compatible with DSM 5.0.

Version: 1.2-2317


(2014-03-03)
  1. Fixed a security issue to prevent unauthorized access. (VU#534284)

Version: 1.2-2313


(2013-08-27)
  1. Now supports Domain/LDAP users.
  2. Now supports L2TP over IPSec connection.

Version: 1.1-2267


(2013-03-04)
  1. Upgraded to be compatible with DSM 4.2.