Automatically reconnect Synology VPNs

I have two Synology NAS’es set up with backup between them. One is buzzing away at the top of our hallway closet, the other one is 40 miles away.

The off-site NAS is connecting via a Synology-provided OpenVPN client. If the connection is lost the client will simply stop trying to reconnect after a certain amount of retries. Not good!

I’ve modified a script I found on GitHub to work with the latest Synology software update, DSM 6. The code looks like this after my edits:

#!/bin/sh

# Replace o1234567890 with your VPN id. To get your id, start the VPN and run: sudo ps aux | grep client_o
# Replace home with the name of your VPN profile in DSM admin panel.
vpnId="o1234567890"
vpnName="home"
vpnProtocol="openvpn"

# You should not need to change the following variables
vpncFile="/usr/syno/etc/synovpnclient/vpnc_connecting"
vpncBin="/usr/syno/bin/synovpnc"

reconnectVPNc () {
    echo conf_id=$vpnId > $vpncFile
    echo conf_name=$vpnName >> $vpncFile
    echo proto=$vpnProtocol >> $vpncFile
    $vpncBin reconnect --protocol=$vpnProtocol --name=$vpnName
}

if echo `ifconfig tun0` | grep -q "00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00"
then
    logger -p 0 -s "VPN is up."
else
    logger -p 0 -s "VPN is down! Trying to reconnect."
    reconnectVPNc
fi

if echo `netstat -rn` | grep -q "tun0"
then
    logger -p 0 -s "VPN route is ok."
else
    logger -p 0 -s "VPN route not found! Reconnecting."
    $vpncBin kill_client --protocol=$vpnProtocol --name=$vpnName
    reconnectVPNc
fi

exit 0

Save the script in /usr/openVPNreconnect or wherever you like and run chmod +x on it. Finally, create a scheduled task to run the script, either in /etc/crontab or the web gui.

You can also find my fork on GitHub if you like. Original by aelveborn.

markdown syntax

Here’s a short test to see how WordPress deals with Markdown.

Make text emphasized: *emphasized*
or strong: **strong**
Write code in a block:

if (carColor -eq red) {
   echo "The car is red!";
}

with three ``` (backticks) surrounding it, or inline code like this: `echo My Code`.

I’ll expand this document and use it as a cheat-sheet for my blogposts. Until then, a quick reference page from WordPress is available here.

ssh tunneling

Instead of googling the syntax all the time; here’s a quick reminder for tunneling with OpenSSH:

ssh user@jumphost -L 12443:192.168.20.5:443 -N

Now, access localhost:12443 and end up on 192.168.20.5:443.

Keep the terminal window open and stop the tunnel with ctrl+c when done.

encrypt/decrypt SSL-key

We are changing a lot of certificates at the moment and I’m receiving the key-files in encrypted format. Here’s a reminder on how to encrypt and decrypt with OpenSSL.

Encrypt

openssl rsa -in certkey.pem -des3 -out certkey.encrypted.pem
Add your pass phrase after hitting enter. This will encrypt your key with 3DES.

Decrypt

openssl rsa -in certkey.encrypted.pem -out certkey.pem


More information can be found on the OpenSSL website.

Hello world!

You found your way to my site, how nice!

On this site I plan to post tips and tricks I pick up from my work as a network consultant. It will mostly be nifty commands from CLIs or Linux shells, but sometimes I will write proper posts too.

We’ll see how this pans out!