This video covers setting up WireGuard on a Synology NAS running DSM 7 along with managing WireGuard clients using the wg-easy Docker container.
The video topics include:
• The prerequisite step of setting up DDNS and port forwarding.
NOTE – While not mentioned in the video installing the Docker Package from the Package Center is another prerequisite that I forgot to mention.
• Explaining how to run WireGuard on a Synology NAS using Runfalk’s synology-wireguard SPK files.
• Installing and enabling the WireGuard SPK file for your specific Synology NAS.
• Setting up the WeeJeWel wg-easy Docker container that will be used to manage WireGuard.
• Setup a MacBook as a WireGuard client.
• Setup an iPhone as a WireGuard client.
===
SUPPORT THIS CHANNEL
• Buy Me a Coffee – https://www.buymeacoffee.com/digitalaloha
• PrivadoVPN – https://privadovpn.com/#a_aid=digitalaloha
• Linode – https://linode.gvw92c.net/digitalaloha
Synology NAS Models I use and recommend (Amazon Affiliate Links)
• Synology 2 Bay NAS DS220+ – https://amzn.to/3oYkARI
• Synology 2 Bay NAS DS720+ – https://amzn.to/3sGdjbl
• Synology 4 Bay NAS DS920+ – https://amzn.to/3EpyOBR
===
In the video I mentioned or referenced the following link:
• My video covering DDNS and Port Forwarding – https://youtu.be/47Keg9IehdI
• My video on configuring WireGuard on a Synology NAS – https://youtu.be/uPjAirU4occ
• My Google Drive with WireGuard SPK files – https://drive.google.com/drive/folders/1Ci-8oWZ_gW8tH3mv5wKL19nKE1pR8ZfH
• What kind of CPU does my Synology NAS have? – https://kb.synology.com/en-me/DSM/tutorial/What_kind_of_CPU_does_my_NAS_have
• WeeJeWel/wg-easy (WireGuard Easy) Docker Hub page – https://registry.hub.docker.com/r/weejewel/wg-easy/
Commands used in the video:
• sudo /var/packages/WireGuard/scripts/start (Command to start up WireGuard)
• Command used to setup the wg-easy Docker container that is used to manage WireGuard:
sudo docker run -d
–name=wg-easy
-e WG_HOST=external_ip_or_ddns_hostname
-e PASSWORD=password_you_would_like_to_use
-v /volume1/docker/wg-easy:/etc/wireguard
-p 51820:51820/udp
-p 51821:51821/tcp
–cap-add=NET_ADMIN
–cap-add=SYS_MODULE
–sysctl=”net.ipv4.conf.all.src_valid_mark=1″
–sysctl=”net.ipv4.ip_forward=1″
–restart unless-stopped
weejewel/wg-easy
Timecodes
0:00 | Introduction
0:20 | Prerequisite – Setup DDNS and Port Forwarding
1:37 | Explanation on Running WireGuard on a Synology NAS
2:24 | Prebuilt DSM7 WireGuard SPK Files That You Can Use
3:23 | Install the WireGuard SPK file and Enable WireGuard
4:41 | Setup the wg-easy Docker Container to Manage WireGuard
6:25 | Connect to the wg-easy WireGuard Web UI
7:02 | Setup a MacBook as a WireGuard Client
8:26 | Setup an iPhone as a WireGuard Client
9:21 | Closing
#synology #wireguard #docker
INSTALL DOCKER – I forgot to mention this in the video but installing the Docker package from the Package Center is another prerequisite. Sorry about that.
Great tutorial! Now, update released on package center. from 1.0.20220627 to 1.1.20220627. Once I push Update, after download I get this error: "Invalid file format. Please contact the package developer. " Do you know how to resolve this?
I just installed it and it works perfect! one question, in the future to update the containers, how is it done? Skip the automatic update notice or do you have to be aware? thank you.
I did all this and added to my phone using QR Code and then it did not work. My phone says no internet when connected. Any Ideas?
Awesome video. Thanks a lot. Very easy to follow and I finally installed the Wireguard in my Synology 220+ NAS.
Yes thank you there wa a Problem on wg-easy , i dont understand when i am connected with wireguard whats my ip Shows the correct ip adresse from the nas but i cant connect to the nas from my Handy also when im not in the same Network? Thanks for Help.
Great video, easy to follow, I'm just wondering how would you access the network shares using wireguard on synology?
Installed into DS218+ kernel not supported DSM 7.1.1-42962. can you help me to solve this? so i have no 7.1 image for apollolake!
Thank you. Very easy.
Great video. I got this setup quickly with your help. Thank you for your service!
Great tutorial
Hi there, i've been following everystep till the end but my issue is that both my clients and my synology server shows that it's connected. But my client side it can't connect to the internet such as google,youtube.etc….. Can you please help me out by stating ur insight on what's wrong with it?
Muy buenas espero alguien me pueda ayudar porque tengo un problema y no se como solucionarlo, todo me va bien pero cuando intento conectar otro dispositivo ese dispositivo no puede conectarse a mis servidores internos de casa, por ejemplo no puedo entrar en el nas ni tampoco en ningun servicio del nas, alguna ayuda?? porfavor me estoy volviendo loco con esto JAJAJA
Work Perfect 😉 THX !
Thanks, this is the most clear document find, even in my language, Spanish . Thanks again, just a question, why you redirect in wireguard the dns to Cloudflare and not to the Nas?
How about connecting to a Wireguard remote server (such as ProtonVPN or Surfshark) using Synology NAS, just like the OpenVPN client built-in, is this possible?
What will happen once Synology releases DSM7.2?
thx😊
ufff….I went thru it and got it. Just a tip…windows users might not be very common with the use of a terminal. even a terminal that works with ssh tunnel. so you might implement that somehow. I used Putty finally to get it work
Anyways many thx for your patient and good tuto
Unti few days ago was woring fine, today, I receive this error , port in use
docker: Error response from daemon: driver failed programming external connectivity on endpoint wg-easy : Error starting userland proxy: listen udp4 0.0.0.0:51820: bind: addr ess already in use.
I tried to use this command to see which process would use but root@PIC-HOME:~# netstat -anpe | grep "51820" | grep "LISTEN" , gives nothing
It was working fine, but now stopped saying port 51820 is in use .. but I don't see anything else that is using the port 51820
Hi, how to change DNS to point to an Adguard DNS (I have it on the same Synology NAS) ?
Any chance you could add the R1000 to the package list? It's for the DS1522+
I have OpenVPN working, but it's VERY slow… I hope WireGuard performs a bit better.
Thank you that help's me.
great video, just what i need. does it support ipv6 btw?
Hello how can i connect to my nas or docker container 192.168.178.2:5001? ,thats not possible!
Hi, it´s neccesary to lauch terminal command each time i reboot the server?
How can i access my remote lan? for example ssh server in the network while i am outside?
THANK YOU!
Excellent tutorial, really well made. Works fine to connect my iPhone to my NAS, but not for my Windows 11 machine (over iPhone Hotspot). The official Windows client says: "Sending handshake initiation to peer 1 […IPv6AddressHere…]" and then "Handshake for peer 1 […] did not complete after 5 seconds, retrying" on repeat. Any ideas?
Must have sth. to do with the iPhone hotspot because it works when I connect my notebook to my neighbors wifi..
Es de los mejores videos que vi sobre este tema pero omitiste decir que se deben crear subcarpetas en el File Station del docker de Synology y si la gente se salta este paso no les funcionará. De todas formas soy partidario para este tipo de configuraciones hacerlo desde el router ya con un apartado de WireGuard para no solapar otras configuraciones complejas que se puedan tener, muy agradecido por tu video.
Is it worth to configure over the builtin DSM OpenVPN package? Sounds interesting.