[Important Security Notice] Fake Qfinder Pro Websites Detected. Learn more >
Search

How do I securely access my NAS from the Internet using QVPN?

Last modified date: 2025-12-02

Applicable Products

  • QTS / QuTS hero NAS (with QVPN service)
  • QuHora series
  • QMiro series

Scenario

You want to securely access your NAS over the Internet by requiring all connections to use a VPN tunnel. You plan to use the QVPN service on your NAS, but your NAS may not support QVPN. You are also considering using a QNAP router (QHora or QMiro) as a VPN server.

Solution

1. Using QVPN service on a supported NAS

  • Enable the QVPN service on your NAS.
  • Configure a VPN server (such as QBelt, OpenVPN, L2TP, or WireGuard) in QVPN.
  • Manually open only the specific VPN service port(s) on your router that correspond to the VPN protocol you are using. See the table below for commonly used port numbers.
  • Do not open other NAS service ports to the Internet. This ensures all access is tunneled through the VPN.
Common VPN Protocol Ports
VPN ProtocolDefault Port(s)Protocol Type
L2TP/IPSec500, 4500, 1701UDP
OpenVPN1194UDP
WireGuard51820UDP
QBelt443UDP

Note: The actual port numbers may be customized in your device settings. Always confirm the configured port in your QVPN management interface.

Security Reminder: For best security, avoid enabling UPnP (Universal Plug and Play) on your router. Instead, use manual port forwarding to control which ports are open to the Internet. Enabling UPnP can unintentionally expose additional services to the Internet, increasing security risks.

Tip: If your device cannot locate the router, use the rescan or diagnostics features.

2. If your NAS does not support QVPN service

  • You can use a QNAP router (QHora or QMiro series) as a VPN server.
  • Configure the VPN server (such as QBelt) on the router using the QuRouter management interface.
  • Manually open only the VPN service port(s) on the router for the chosen VPN protocol. Refer to the table above for default ports, and verify the settings in your device interface.
  • Connect to the VPN server from your client device, and then access your NAS through the secure VPN tunnel.
  • Do not expose NAS service ports directly to the Internet.

Limitations

  • If your NAS is too old to support QVPN, you must use an external VPN server, such as a QNAP router, to provide secure access.
  • Port numbers may be changed from their defaults. Always verify the actual port configuration in your device interface.

Further Reading

Was this article helpful?

Yes. No.
100% of people think it helps.
Thank you for your feedback.

Please tell us how this article can be improved:

If you want to provide additional feedback, please include it below.

Choose specification

      Show more Less
      Choose Your Country or Region
      back to top