QNAP PPTP VPN
Most, if not all, major NAS manufacturers offer remote access capabilities, either through a proprietary manufacturer supported cloud of some kind, or through direct access over the internet using DDNS. The less expensive home models generally use a proprietary manufacturer cloud. Smart NAS drives can use DDNS and provide direct access to shared folders over the internet without first going through a cloud oriented switchboard.
Smart network attached storage devices are full featured, stand alone, general purpose computers that have a special affinity for data management and storage. QNAP and the others include PPTP VPN services as a basic feature.
A PPTP VPN is a basic VPN. They’re really easy to set up. No SSL is required. PPTP used to be secure VPN technology. Then CloudCracker came along and offered a service for astute hackers that is said to quickly and inexpensively crack the passwords for MS-CHAP v2 secured VPN connections. Even Microsoft published a warning about PPTP / MS-CHAP v2 networking.
Realistically, PPTP is probably safe for a quick occasional file transfer, providing nobody at the the coffee shop or in the next door hotel room is sniffing all the traffic in the place for later review, or assuming the creepy kid next door isn’t doing the same thing with all the nearby houses. You’ll be OK, maybe.
Still, PPTP is offered by many purveyors of VPN technology, including smart NAS makers, so a lesson on how to set one up is included at Advanced Home Server. By the way, MS-CHAP v2 is the most secure authentication method you can associate with a PPTP VPN. The other authentication methods are even less secure. (The moral of the story … if you want the best commonly available internet security, use SSL and one or more good virus checkers since even SSL can be hacked if you have some bad software running on the inside.)
Setting Up the PC to Connect to the VPN
Windows Server and Windows PC both offer PPTP VPN server capabilities. Each configures differently as a server. No matter what kind of computer is hosting a PPTP VPN, the client PC is always set up the same. To avoid repeating the client instructions every time a new PPTP server is documented, they are in one place only. Read toward the bottom. The top part of the page offers more hectoring about PPTP security issues.
Setting Up a QNAP PPTP VPN
I’m going to assume you have a DNS name and an internet connection to your NAS device established and available. It makes no sense to VPN from downstairs to upstairs on the same local network. You’ll be connection to your PPTP VPN using a network connection on your PC that specifically names your home server’s URL.
Enable PPTP in QNAP by checking the box and selecting the most secure authentication and encryption available. The network addresses enumerated are what the VPN uses to identify your PC on it’s network. For example, if your local IP address now is 192.168.1.35, after connecting to the VPN, it will change to, in this case, 10.0.0.2 or something else in the range below. Just take the defaults. The first number in the subnet is the net id; in this case 10.0.0.1. Use \\10.0.0.1 in Windows Explorer to view the shares.
Decide who will have access to the VPN. QNAP supports two VPN types and this screen is used for both.
Later, after someone has connected, you can monitor them on this tab. The client address is the IP address of the router the NAS is attached to.
This is the IP address of the PC connected to QNAP via the PPTP VPN connection. It’s within the range specified above. After disconnecting the VPN, 10.0.0.2 vanishes.
Don’t forget port forwarding in your router. Port 1723 is commonly assigned to PPTP. Ports 80 and 443 are not required for this exercise, but are needed for basic web pages (port 80) and SSL (port 443).
Windows explorer on the client PC. Note the IP address.