I tried this as well and it worked, but you have to have it installed on all your devices and get them into your node by running the app and logging in. Good, but the old-fashioned traditional way is better.
Honestly, you want a DEAD simple VPN where you just download apps and connect?
Go get Tailscale:
https://tailscale.com/
It's a stellar service for exactly this use case. You install Tailscale on your Synology, and phone or whatever. Log into it from both devices. Then you can either use the VPN IP address, or set it up to expose your internal network across the VPN. All done. No need to share configs or certs or anything.
To VPN into your LAN: Your home router is pre-configured. From the device you are using while away, you run the client software and this device instantly becomes another device in your LAN. What do I carry with me all the time? My phone is always with me, and I take my laptop with me when I travel for more control/options, and they both have the client software installed and configured, so it is like I'm always home. I'm the one who initiates the connection, and nothing needs to be done at home. I can even ping my kid's Nintendo Switch if it is connected to WiFi. Whereas with Tailscale, you need to make sure every device you want to access has Tailscale software installed and logged in.