setting up NAS drive behind router...

loady

Inactive User
Joined
Jul 27, 2005
Messages
1,328
Reaction score
3
Location
Andromeda system
Hi,

I have setup my LAN drive to record from my dreambox, it is ftp and smaba capable and i also want to use it to be able to access files via the net from someone elses house....its plugged ino my router so i want to be able to just leave the drive switched on and the router and modem so i can leave the pc off...the router is a linksys wrt54gs v4....does anyone know exacly what i need to do or where i can find a comprehensive guide that explains it simply ??
 
You need to forward the SAMBA or ftp ports through your router to the NAS drive. So for ftp access, forward port 21, for samba, I think it's 139 and 445. Then you should be able to connect to your external ip.

DO NOT DO THIS!!! Especially with samba. It's an unsecure protocol, and is not designed to be sent across the internet. What sort of system have you got at your friends house? Is it another dreambox? You might be able to use shfs, which uses ssh to securely mount filesystems.

How confident are you with linux?

edit: You could also get this to work just using an ssh tunnel.

Have a look at this page for a step by step guide to getting something working with windows at your mates house.
 
Last edited:
I dont know linux at all.

When you say dont do this as itsnot secure, to what extent ? could someone compromise my router and then access my pc ? im not really concerened about anyone hacking the ftp drive, its external and connected to the router and if i have only set read access then what can anyone do ?.....also if i set it as public then theres no reason for anyone to suspect im hiding valuable information....what else do you recomend ?

Basically i want to be able to grab stuff off it via the internet as and when needed. Doing it through a web browser would be ideal.
 
I really wouldn't recommend forwarding the samba, but provided you properly set up passwords, (and it's decent firmware on the NAS) you could use ftp. In this case you only need to forward port 21 through the router (I think port forwarding is on the 'Applications and games' tab on the router web interface (it's been a long time since I had standard firmware on my linksys). So you'd add an entry that forwarded 21 to the local i.p. address of your NAS.

This is still insecure (anyone listening on the network with a hacked modem can read everything you send and recieve), and is likely to be scanned a lot by port sniffers. It'll likely attract a lot of password guessing attacks etc. What might happen if you do get hacked all depends on how good the firmware on the NAS is. What sort is it? Have a look to see if there are any security alerts about it.

If you were happy with linux, I'd reccommend installing OpenWRT on the router. But it's not easy for a novice.

Assuming you do go with the ftp method, you can just point your mates browser at your external i.p. address (the one that's not 192.168.1.xxx) with a url like fxp://your_external_ip (obviously replace x by t) and you should get asked to put in your password for the NAS.

This should be sufficient if all you want is access from a browser (I originally thought you were trying to mount your NAS as a network drive at your friends house). Note that your external i.p. address might change if you reset the modem, loose power etc.
 
Ok...i vaugely also remember being told that i could use a different port to avoid the common sniffing of 21.....say port 2330 for example...but in doing that i need to forward a range of ports for access...something to do with passive and something else...the unit i am using is a landrive http://www.usbex.com/landrive/

Also to get around the chaging ip address of the dynamic ip given by my isp...i could set up a dns with a service that will auto update if my ip changes, i believe there are free services like this available ?
 
Yes, there's theoretically no problem with changing the port assignments. I just don't think you can do it with the default linksys firmware. You're right, changing from the default port 21 would reduce the risk considerably, but it wouldn't eliminate it. I'd recommend installing a different firmware anyway. I use OpenWRT, but you could try DD-WRT. By all accounts its very good, and will probably handle the port redirection.

You're right again about the dynamic dns. I think you still have to pay to register a domain name though. I could well be wrong about this though.

It looks like the firmware may well be good. At least they're updating it :).

Assuming you do change the firmware on the router, there's plenty of scope for setting up a truly secure system. But if the ftp works for you, has a GOOD password, no anonymous connections etc, and you can put up with cleartext transmission, stick with it.

Hope this helps

edit: I don't have a dreambox, and have never used one, but I imagine you could put an ssh/sftp server on it. Then just forward that through the firewall. You could use any sftp client you like(e.g. Filezilla ) to connect to it securely. IMHO this would be preferable to using ftp.
 
Last edited:
Im sure i have forwarded the ports on the router to do this before, but it has been a sketchy business, maybe that is becasue i have little understanding of what i was doing....this open wrt, i have heard of this, is it free and why would it be difficult to use ? is it command driven so therefore i would need an understanding of linux or even need a linux partition running on my pc to use it.............im having a gret deal of trouble finding a walk through to guide me through setting up what i want.

EDIT: I had a nose around the dd wrt link....im really not sure what i should be installing and how to install...i assume i use the built in firmware update within the current fw, what do i need to have, he bin file ? if so which one ?
 
Last edited:
I don't think there's a guide for this on DW or other forums, you can't have a guide for everything!

Go into the 'Applications and Gaming' section of the web interface.

LinksysPortF.gif


Application - NAS
Start port - 21
End port - 21
Protocol - Not sure, I have it set to BOTH
IP address - local ip address of NAS, i.e. 192.168.1.xxx

Save settings.

Use the ip address of your cable modem to connect to it.

Remember to change all your default admin passwords on the NAS and on the router.

Use the ftp server section of the NAS to create ftp accounts. You can also assign the folders that the account can see.
 
Last edited:
Well my router is set to dhcp so i dont have to forward the ports for the router...it just connects...same for the xbox360, but this i think is becasue i dont want them to be accessible from the outside right ?

I do like the look of the dd wrt firmware and have had sveasoft alchemy on this before and was very happy with it.
 
it doesn't matter if it's dhcp or not. When you type your modem ip address into your browser, i.e. ftp://77.100.248.50 you won't get anything. That's because port 21 isn't assigned to an ip address. If you assign your NAS ip address to port 21 then that's where it'll go.
 
Yeah...that make sense.....have you tried this dd-wrt firmware....i gotta say its awesome..so much you can do with it...its looking like i can assign a switch to be a wan port, maybe i read that wrong but if i am right could have a dual wan here ??
 
Still running the default firmware on my Linksys but might check this out if it's 'all that'! ;)
 
I'm running DD-WRT on a Linksys WRT54GL and a Buffalo WHR-HP-G54 and it's much better than the stock firmware. You can increase signal power and restrict bandwidth to your networked devices via MAC addy.....

At home I running DD-WRT on the Buffalo and have NAS sat behind the router. The Nas is just an old machine I have which is running Freenas. I'm booting it from USB stick and have 2 x 250gb drives in the NAS....Might be worth you looking at using DD-WRT and Freenas together..If I can set it up I'm sure most people can!
 
ALL THAT.....? your joking...its all that and then some !!!...i just set wpa2 on mine...not even linksys own firmware has support for that !!! no one is going to be hacking my router...WEP is dead now....the functions availble on this are unbelievable...im going to be studying this all day...i honestly reccomend you see this devilfish.
 
maybe i read that wrong but if i am right could have a dual wan here ??

Have a look here. You can set up something better as well, but it takes more work (can't find the link just now). The great thing about these firmwares is that they turn your router into a mini PC. As for the difference between DD-WRT and OpenWRT, DD-WRT is aimed at a non linux general user. OpenWRT is meant to be used from the command line (a web interface is available, but it only has basic configuration in it), which imho gives a more powerful interface (provided of course you know what you're doing).
 
Been online with pootas for the last 5 hours...gotta take me hat off to him...he has been a great help....got the nas setup behind the router with dd wrt special edition on it.....and he has given me a few guides to help me along....got the nas working beautifuly..just needed to forward a larger range of ports...we even played with dmz to the nas but the latter method is more secure.

Gonna have a go at the round robin method to turn the router into a dual wan...: spook :
 
You might think about having the port open when you're using it.

Setup remote admin on the Linksys (https ONLY - v important)

THen when you want to enable remote ftp, access the router from the remote site, turn on the service, do your stuff, and tuen it off again when you're finished.

This will hugely increase the security of the system, and the number of hack attempts tries.

It's vitally important to use https:// for the remote admin (else you open an even bigger security hole that you fix)
 
did u get this working?

i've been trying to do this for a while ,i use dd-wrt firmware on my router,i've forward the ports but it just will not connect
 
Back
Top