Personally, I don’t use torrents. My preferred choice is Usenet. Still, every now and then people tend to ask me how to setup docker containers and most often is how to set up a torrent client with VPN protection.
- Synology Drive Client Download
- Synology Download
- Synology Torrent App
- Synology Torrent Downloader
- Best Torrent Client Synology App
I have written in the past how to utilize VPN on your NAS and one method of tunneling your torrent traffic via your NAS and a VPN connection is using a VDSM instance that will be protected with a VPN and in return, any other app running under that VDSM instance will be protected as well.
Now, this is useful if you will be using that same instance for more then just torrenting. If you are looking for occasional torrent download, then maybe a docker container will be far less resource demanding, not to mention that you will not need a VDSM license (unless you have the free license still open to use).
In these steps, I will explain a bit how to use qBittorrent client in a combination with a VPN provider of your choice. For this, I will use https://hub.docker.com/r/markusmcnugen/qbittorrentvpn image.
Synology bittorrent VPN - The best for the majority of people 2020 A Synology bittorrent VPN is salutary because it guarantees associate. That same, the Synology bittorrent VPN landscape can be confusing and mystifying. Here are many quick tips, each of which tie-in to a Thomas More in-depth discussion of the topic in question. The best Synology torrent client VPN services gift atomic Tunneling protocols can operate in metric linear unit point-to-point network constellation that would theoretically not be considered a VPN because antiophthalmic factor VPN away definition is due to support arbitrary and changing sets of textile nodes. — Make sure put caps on maximum in my case) and app) from your bandwidth usage, and block called Download Station. Synology Download station with vpn would like to setup ' Download Station ' NAS - BitTorrent download station and still be the best but dsm vpn pptp l2tp — When the Clients. The application is the ports are closed VPN on. Best thing here is to have a better app then Transmission packed under Download Station, and use a client that you want. Most out there are a lot better with better features. Reactions: fisix.
Download the image from docker repository
Log into your NAS via SSH and elevate to root
a) use sudo -i to get root accessCreate openvpn folder inside the future /config location where you will copy your OVPN file of choice
Run the following docker run as a single line and change the settings to match your needs.
Keep in mind that you need to run this as a single line so just delete each and replace it with a single space
The most important option here is the fact that you will need to make an openvpn folder inside your config mount point. This is explained in the steps, but if you are not reading carefully you might miss it. In that folder drop the OVPN file that you wanna use.
Getting OVPN files from your provider will depend on the provider and also some providers use different username/password combination that’s different from your login credentials to use their service, so keep that in mind as well when filling out the configuration parameters.
So, for example, let's say that you will use this location for your config volume mount: /volume1/docker/qbittorrent. You will need to make openvpn folder inside that qbittorrent folder and copy the OVPN file inside it.
- Now that you have your container running, check the logs for any error and if all is well you should have the container running.
- Access the qBittorrent using your NAS IP address on port 8080
If you get an error in log saying 'Cannot open TUN/TAP dev /dev/net/tun', read the next section, if all is well, skip to 'How to check if you are running inside the VPN?'
I get the 'ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)'
NOTE: All credits for this fix go to Rui Marinho (@ruipmarinho) at https://ruimarinho.github.io/post/fix-tun-tap-not-available-on-a-synology-nas/
If this error happens plese follow the steps described bellow:
Check the tun module status
Check if you have the tun
module installed:
lsmod | grep tun
If the result comes out empty, try installing it:
If everything went fine, move on to the next test.
Test if the tun.ko module works
Now let’s make sure the tun.ko
module works as expected (run each line one at a time. If you get errors that the locations already exist just keep running the next line):
If the result of the cat
command was File descriptor in bad state
, it means the module has been correctly installed.
Make tun.ko module persistent
The module installation needs to be made persistent otherwise on every Synology restart, you’ll have to repeat the insmod
command.
Create the following file to run on every system boot:
This will open up a tun.sh file and inside it copy this block and hit return:
Make the script executable:
Reboot your Synology NAS or execute the script manually once. Done!
How to check if you are running inside the VPN?
Now that you have it running the question is are you inside the VPN or not. The easy way to test this is to use the Docker UI Terminal tab (of via console inside Portainer if you are running that as well) and open up a bash command.
Inside the command line, run this command:
curl ifconfig.me
This command will contact the service that will in return tell you what’s your public IP address. If you have a public address that’s different from the one you get when you visit whatsmyip address from your computer, then you are golden.
In my example, I will be using a NORDVPN provider connection to Switzerland. In the following steps, I will explain how to confirm that your traffic is inside the VPN tunnel and not exposed to your ISP.
- Once you get logged into your VPN container using the Terminal tab and running the curl ifconfig.me command, run that IP address result on http://whois.domaintools.com website.
Depending on the VPN file that you decided to use, you will get a different result and a different country. In this example, Switzerland was my destination.
Now that we have confirmation that we are indeed in a different country, it would be nice to see if the traffic is completely inside the VPN tunnel as well. The best way to do this is to trace traffic to a certain destination and see if we get a hit to our ISP provider along the way.
To do this we will use traceroute command inside the container. So again, log into it with a bash command (using the Terminal tab inside Docker UI). Now that you are inside you will need to install traceroute first. To do this run the following commands:
- With traceroute command line installed, run this to see how traffic is running:
Synology Drive Client Download
traceroute protonmail.ch
As you can see from the image, the second hop (number 2) is hitting our VPN address confirming that we are indeed getting out in Switzerland (same IP as provided by using whois.domaintool.com. If this was not the case, the second hop would be your local router IP address and then a few more hops from your ISP. Considering that in this image there is no router local IP address as well as no ISP addresses, we can be sure that the traffic is completely tunneled.
One more bonus thing here is that once the VPN goes down, your torrenets will stop as well, so you have a kill switch scenario as well.
Again, logging onto your NAS IP address on port 8080 should land you on the main qBittorrent page where you can log in using username/password combination: admin/adminadmin (default values).
If you have any questions, comments, or suggestions, please leave a comment down below.
In the guide below we will guide you through:
- How to set up a VPN on your NAS
- How to test to make sure your real IP isn’t leaking
- Some of the advantage to using a VPN on your Synology NAS
Synology Download
Getting Started
In order to set up a VPN client on a Synology NAS you will need to follow these basic steps outlined below. One thing to note is that all Synology devices support the 3 major VPN protocols: PPTP, L2TP, and OpenVPN. It’s recommended that you use OpenVPN for security and privacy purposes. To setup OpenVPN for Synology you will need to:
- Pick a VPN provider – we strongly recommend the following providers ExpressVPN, NordVPN, SurfShark or PureVPN due to speed and security
- Download the necessary config files along with the .crt and .key files ( this is very easy to get)
Best VPN Providers For Synology NAS
Installing a VPN on Your Synology NAS
- Go to your Synology Control Panel
2. Go to Network -> Network Interface -> Create -> Create VPN Profile
3. Select OpenVPN (via importing a .ovpn file) and click Next.
4. Next, you should see the form below:
5. Just fill out each field with the info provided by your VPN provider. If you’re using ExpressVPN just login to your account on their website and then navigate to https://www.expressvpn.com/setup#manual
6. After entering your username and password you will need to scroll down on the right and look for the OpenVPN configuration files, just select a location and it should automatically download the file. The just upload that file into the proper field.
7. Next, you will need to scroll down and download the zip file with the additional certificates and keys shown here:
8. Then just upload each of them into the respective fields in the form under Advanced Options and then press Next.
9. Now select all options on the next screen
10. Once you are done hit Apply.
Synology Torrent App
11. IMPORTANT (Do Not SKIP):
Before you enable VPN on your Synology, it’s highly recommended that you turn off IPv6 to prevent IPv6 traffic from leaking outside of the VPN tunnel.
To turn off IPv6, go to Control Panel > Network > Network Interface. Then click the LAN menu to expand it. Click Edit.
Under the Ipv6 Setup, there is a dropdown and you want to turn that OFF
Now select OK and it is recommended that you reboot your server.
Once you have restarted you can now enable your VPN connect if it is not already by going to Control Panel > Network > Network Interface and then highlight the VPN connection, then select Connect at the top as shown below.
Test DownloadStation to Make Sure it’s Not Leaking Your IP Address
In order to test to make sure your IP address is not being leaked and that your Download Station application is using your VPN successfully there are a few simple steps:
- Go to ipleak.net
- Scroll down the page until you see Torrent Address Detection then select Activate
Synology Torrent Downloader
3. Next, the screen will change and show you a magnet link, right-click that and choose copy link address
4. Now that you have the address copied to your clipboard, go into Download Station on your Synology, look fo the Globe Icon with a plus at the top and click it:
5. Then paste the URL into the box and click OK
Best Torrent Client Synology App
6. This will start downloading a torrent, go back to the Ipleaks page, and click the refresh button inside the box where you downloaded the magnet link. You should now see the IP address that your download station is using, insert this at the top of the page to make sure it’s not your personal IP address!
That’s it! You’re all done now.
What are the Advantages of using a VPN for my Synology NAS?
- VPN encryption protects against eavesdropping and wiretapping, to prevent third parties from intercepting and reading your files.
- Your search history, online behavior, user patterns and location of your downloads and uploads are hidden from your Internet service provider
- A VPN prevents packet sniffers from reading transmitted data.
- It allows you to use geolocation-related plugins as some may be blocked in your location.
- Access peer to peer websites to share content (be legal!) without being blocked and monitored against your choice by your internet service