I have a synology WRX 560 WiFi router and also a DS923+
Right now I have the openvpn server running on the DS923. However I wonder if it would be better for the vpn to run on the synology router. I have port forwarding on the router which opens up the openvpn server to the internet. If the synology was running the vpn server directly then port forwarding would not be necessary.
The router has a tiny processor, comparable to a j-model NAS. The DS923+ has a better processor and is able to handle higher VPN throughput.
I don’t think openvpn is supported on the router. They do have synology vpnplus though. It works but can be more finicky than openvpn imo. I’ve been using Tailscale recently and it’s a much easier to use vpn.
I have a similar setup. I run OpenVPN, L2TP, and Synology SSL on the router. I get great throughput. It is always best to let the router route.
It depends. Performance wise the NAS will probably be better if there’s no bottleneck between it and the router, but it’s worth considering that you’re putting your access point into the network on the same machine that holds your data. While it’s not super likely that someone is going to break Wireguard or OpenVPN, it is a decent practice to have separate machines take care of these tasks to reduce the fallout of a compromised system.
https://www.reddit.com/r/synology/comments/l2kf6m/vpn_on_the_router_or_on_the_nas_when_to_use_which/
Either will work at the end of the day.
+1 to Tailscale. I considered setting up openvpn via Docker or something, but then I found Tailscale met all my requirements for access to home network.