VPN Logs on Synology: Location & Usage Guide

VPN Logs, Where They Are & How to Use Them

If you’re running a VPN on your Synology NAS, logging is just as important as encryption. VPN logs help you troubleshoot connection issues, investigate suspicious activity, and prepare for audits. Yet many administrators are unsure where these logs are stored or how to interpret them.

In 2026, with increased remote access and tighter compliance requirements, understanding VPN logs is essential for maintaining visibility and security.

Why VPN Logs Matter

VPN logs provide critical information such as:

• Successful and failed login attempts

• Source IP addresses

• Connection start and end times

• Authentication errors

• Session duration

Without logs, diagnosing problems or investigating potential breaches becomes guesswork.

Where VPN Logs Are Stored in Synology DSM

On Synology NAS systems running DSM 7:

Log Center (Primary Location)

Most VPN activity is recorded in Log Center.

To access:

1. Log in to DSM

2. Open Log Center

3. Filter by VPN Server

You will see entries for:

• OpenVPN connections

• L2TP/IPSec login attempts

• Failed authentication events

This is the easiest and safest place to review logs. View how to fix common OpenVPN and L2TP/IPSec connection errors

VPN Server Package Logs

Some detailed logs can also be found inside the VPN Server package itself.

To access:

1. Open VPN Server

2. Navigate to the Log section

3. Enable detailed logging if needed

If verbose logging is disabled, you may only see minimal session data. Learn how to analyse VPN activity using Synology Log Center tools

SSH-Level Log Access (Advanced)

For deeper troubleshooting, advanced users can access system logs via SSH.

Common locations include:
/var/log/

How to Enable Detailed VPN Logging

If logs seem incomplete:

1. Open VPN Server

2. Enable detailed logging

3. Restart the VPN service if required

Make sure Log Center retention settings are configured so logs are not automatically deleted too quickly.

How to Use VPN Logs for Troubleshooting

Here are practical use cases:

1. Diagnosing Login Failures

Look for:

• Incorrect credentials

• Expired certificates

• Blocked IP addresses

• Port connectivity errors

Repeated failed attempts from one IP may indicate brute-force activity.

2. Identifying Suspicious Activity

Watch for:

• Login attempts outside business hours

• Foreign IP addresses

• Rapid repeated authentication failures

• Multiple users connecting from the same external IP

These patterns can signal compromised credentials.

3. Verifying Session Stability

If users report VPN drops:

• Check session start and end times

• Identify disconnect reasons

• Look for network timeout errors

This helps determine whether the issue is client-side or server-side.

Using Log Center for Real-Time Monitoring

To move from reactive to proactive monitoring:

• Create alert rules for failed login thresholds

• Enable email notifications

• Forward logs to an external SIEM

• Combine VPN logs with firewall logs, Learn how to correlate VPN activity using Synology Log Center effectively

Correlating VPN and firewall events gives better context for security analysis.

Best Practices for VPN Log Management

To maintain audit readiness:

• Set log retention policies aligned with compliance needs

• Restrict access to logs

• Export logs periodically

• Back up critical audit records

Logs should be protected from tampering and unauthorized access. Learn how to implement audit-ready logging for Synology VPN environments

Synology-Specific Security Benefits

DSM 7 enhances logging granularity and integrates VPN logs with:

• Firewall monitoring

• Account auto-blocking

• Certificate management

• Snapshot protection

This creates a unified visibility framework when properly configured.

About Epis Technology

Epis Technology helps organizations implement centralized monitoring for VPN and NAS environments. The team configures detailed logging, integrates Log Center with external monitoring platforms, and aligns retention policies with compliance requirements. Contact Epis Technology for expert VPN monitoring and logging solutions. They also combine VPN monitoring with Microsoft 365 backup visibility and hybrid disaster recovery planning to ensure complete operational oversight. Instead of manually checking logs, businesses gain structured real-time alerting and reporting.