Here is the configuration I use for my home NAS. I purchased all the components from www.newegg.com
4x Samsung F4 2TB SATA Drives in RAID 5
40GB Vertex SSD (for OS)
Zotac ION ITX-L-E Atom 330 Mobo
HighPoint RocketRAID 2640x4 SGL Controller (In your case I would look at this: http://www.newegg.com/Product/Product.aspx?Item=N82E16816118106. and also purchase a backup battery for the RAID card: http://www.newegg.com/Product/Product.aspx?Item=N82E16816118118. Alternatively, you can keep the whole system on a UPS).
Lian Li PC-Q08B Mini-ITX Case
Corsair CX430 430W PSU
Corsair 2GB DDR3 1333
For OpenVPN go to http://openvpn.net/. All the instructions are listed there.
I use Windows 7 for the operating system. I only have need for a PPTP VPN and here are the instructions I wrote up for it:
1. Assign NAS a static local IP
-Right click your LAN connection from the control panel and select Properties.
-Select Internet Protocol Version 4 (TCP/IPv4) and select Properties.
-Check the 'Use the following IP address' bubble and select any IP within the enabled range of your router (this can be changed on the router and some routers do not allow assignment of IPs outside the DHCP range). The subnet mask should be set to 255.255.255.0 (in most cases) and the default gateway should be set to your router's IP address.
-Manually set the DNS server to your router's IP address.
2. Sign-up for a DDNS account with www.dyndns.org
-Most home uses have dynamic IP addresses which change at least once a month.
-Either you can pay for a static IP from your ISP (these are expensive) or you can sign up for a free dynamic DNS account which will assign you a URL which is updated whenever your IP address changes. This essentially gives you a link to your router and thus your LAN and thus your NAS.
-Follow the instructions for the site and take note of your URL.
3. Program your router to auto update to DDNS or use the DDNS Updater application and run it on the NAS
-Some routers support automatic DDNS updating, they often require your domain name (ie. MYNAS.dynDNS.com), user name, and password.
-If your router does not support this, download the DynDNS Updater application from: http://www.dyndns.com/support/clients/
-Install the application on your NAS and place a check next to the domain your wish to update, this application will ensure every time your WAN IP changes it will update your dynDNS URL.
4. If using your router's built-in firewall, enable VPN (PPTP) pass-through or forward the following ports to your NAS.
-These settings will vary depending on what router you use, but if there is no VPN pass-through make sure you forward the following ports to your NAS (only necessary if you have your router firewall enabled). Note that I am covering the most basic VPN protocol (Point-to-Point Tunneling Protocol)
PPTP - 1723 (TCP)
RDP - 3389 (TCP)
5. On the NAS establish user accounts for the clients you wish to use, if for personal use it is easiest to make them all Administrators
6. Share your storage drive(s) remotely
-Right click the drive in Computer tab and select: Sharing > Advanced Sharing.
-Check share and select users with whom you wish to share. Note that it is possible for someone to establish a VPN connection with the NAS if they have a user account, but not access a file if they do not have permission enabled under sharing.
-Advanced permissions can also be set from this page.
7. Establish a VPN server on the NAS
-Navigate to Control Panel > Network and Internet > Network Connections
-Press Alt+F and select 'New Incoming Connections'
-Place a check next to the users you wish to allow remote access via VPN.
-Check 'Through the Internet (VPN)' and click Next.
-Make sure there are checks next to TCP/IPv4, File and Print Sharing, and QoS Packet Scheduler.
- You can choose to check or uncheck TCP/IPv6
-Select TCP/IPv4 and select properties.
-Check 'Allow callers access to my LAN'. This will allow the remote user to access the NAS. Remember that the VPN is a virtual host and while it runs off the NAS is separate, if you do not check this all connected users will be forwarded to a different subnet (255.255.255.255) and will not be able to see or access anything on the LAN.
-Allow ensure that IP address assignment is set to 'automatic using DHCP'
-Make sure the box 'Allow calling computer to specify IP address' is unchecked.
-Hit OK and then click 'Allow Access'
-You will now see a new item in the Network Connections box called 'Incoming Connections'. This is your VPN host.
8. Establish VPN clients on any computer you wish to use to connect remotely to your NAS.
-From the 'Network and Sharing Center' click on the 'Set Up a Connection or Network' link.
-Select 'Connect to a workplace' and click Next.
-Click on 'Use my Internet Connection(VPN)'
-In the internet address field enter your DynDNS URL (ie. MYNAS.dynDNS.com)
-Give your client a name (ie. MYVPNClient).
-Check 'Don't connect now; just set it up' and click next.
-Don't type in a user or password, click Create, then click Close.
-Go to 'Change adapter settings' link from the 'Network and Sharing Center' (top left).
-Right click the new MYVPNClient connection and select properties.
-Select the 'Security' tab and select PPTP from the 'Type of VPN' dropdown menu.
-From the 'Data encryption' drowndown select 'Require Encryption'
-Under the 'Allow these protocols' option make sure that only MS-CHAPv2 is checked.
-Next, go to the 'Networking' tab.
-Uncheck TCP/IPv6
-Select TCP/IPv4 and click 'Properties'. Click 'Advanced' and uncheck 'Use default gateway on remote network'. Click OK. (This will interfere with simultaneous use of the local internet on the client and the VPN connection, unless your VPN server is also setup as a proxy). Click OK, click OK.
9. Automate the VPN login and drive mapping using batch scripting.
-The following batch scripts can be used by copying the lines into a standard .txt file and changing the extension to .bat. All comments are in red and should not be included in the .txt file.
Connect VPN and Map shared drive
ipconfig | findstr "192.168" */checks for a LAN connection (assuming you use 192.168.*.*)
if %ERRORLEVEL% == 0 goto :bye */ if LAN connection exists then exit, if not continue
rasdial.exe [VPN Connection name] [user name] [password] */ establish VPN connection
net use [drive letter you wish to assign to map]: "[\\local IP of NAS\shared drive or folder name]" [password] /USER:[username] */ Maps shared drive to a drive letter.
:bye */ exit
Disconnect mapping and VPN
ipconfig | findstr "192.168" */checks for a LAN connection (assuming you use 192.168.*.*)
if %ERRORLEVEL% == 1 goto :bye */ if LAN connection exists then continue, if not then exit.
net use * /delete */ Disconnect mapped drives.
rasdial.exe [VPN Connection name] /DISCONNECT /Y */ disconnect from VPN
:bye
Example using previously mentioned names.
ipconfig | findstr"192.168"
if %ERRORLEVEL%==0 goto :bye
rasdial.exe MYVPNClinet nasuser naspassword
net use X: "\\192.168.1.100\SharedDrive" naspassword /USER:nasuser
:bye