What’s the easiest way to set up site-to-site VPN so two NAS can communicate?
Can I possibly use the Synology NAS themselves to set this up?
They are both pretty high-end units, 3617’s.
Background:
I’m trying to get the two machines to back up with Hyperbackup and Hyperbackup Vault. I can’t get the connection to work, and the manufacturer of the far router is suggesting I put the Hyperbackup Vault NAS into DMZ, which is too frightening for me.
So I’d like to try a site-to-site VPN, which would also make remote management for other things easier as well.
They are both in separate locations across the country, with different router equipment on each side. The close one is behind a Ubiquiti USG Security Gateway. Unfortunately the remote one is behind a low-end router that is unable to natively do site-to-site VPN, and I don’t have physical access to the remote location, at least for a month.
Buy second USG, configure it for site to site, send to the remote location and have someone swap the gateway with it.
Trying to make diskstations maintain a tunnel between them using DSM software will only end up in a lot of time wasted in frustration, and you would need access to the remote gateway regardless to configure firewall and you likely will end up in a rather insecure config with the port exposed to the whole world due to lack of configurability on that gateway.
If you do the other way, and have the remote DSM dial home — you can’t control IP assigned and your backup will keep breaking.
Seems like solid advice, thanks. Sad that I can’t get the two NAS to maintain a secure link, but I appreciate you letting me know not to waste time trying to figure it out.