FTP access from anywhere.....try 2

[Fig Newton]

Hello,

Well I am attempting to setup an FTP server for fun, in the hopes I will become more conformable with this feature.

I can't access the share from outside the local network.

I followed the instructions given in the FreeNAS9.2.0 guide.
I assume that I forwarded the correct ports on my router to my server.
I can access the share if I type in the local address, from a computer on the local network, followed by the port number. eg: 192.168.1.249:5000

I read through (http://forums.freenas.org/threads/f...ve-directory-listing-problem.6156/#post-58785) and am still not sure what I am doing wrong.

FTP setting on FreeNAS
Port: 5000
Clients: 5
Connections: 2
Login Attempts: 5
Timeout: 600
Path: /mnt/tank
Allow Local User Login: CHECK
Always Chroot: CHECK

Netgear WNDR4300 Port Forwarding
Service Name: FTP
Server IP Address: 192.168.1.249
Protocol: TCP
External Starting Port: 5000
External Ending Port: 5500
Internal Starting Port: 5000
internal Ending Port: 5500

I can use FTP Commander and access the share if I use the local settings: 192.168.1.249 on port 5000

I have not setup a DynDns account yet, so I am trying to access my server by typing in my ip address from my ISP followed by the port number. eg: ftp//:xx.xx.xx.xx:5000

If I left anything out just let me know. Any help is appreciated.
Thanks, Joe

 

[Cupcake]

How are you trying to access it from outside your LAN? Are you using a PC in your LAN and trying to access your NAS by using the WAN (public) IP? If so, that likely will not work. Use your cellphone and a ftp app for testing. Or better: Use sftp. Or better: use VPN to get inside your LAN and don't use ftp at all

 

[Fig Newton]

I am using a cellphone with an ftp app. ES File explorer.

I would LOVE to use VPN. Maybe I'll look into that too.

 

[Fig Newton]

You can delete this, if you want.

I forgot some fairly important Global Configuration settings. eesh. :)

 

[Cupcake]

Im doing something similar. ES File Explorer to mount CIFS+ OpenVPN lets me Stream fullHD to my tablet even when at a friend's Home. combined with a smartTV thats pretty awesome ^^

 

[Fig Newton]

Im doing something similar. ES File Explorer to mount CIFS+ OpenVPN lets me Stream fullHD to my tablet even when at a friend's Home. combined with a smartTV thats pretty awesome ^^

That is my ultimate goal of using FreeNAS over the web. I started looking at http://joepaetzel.wordpress.com/2013/09/22/openvpn-on-freenas-9-1/ .

I literally got lost at step 1.
I will do some more reading and come back to this forum with some real questions.

Thanks for the replies. If you have any pointers for how you did your setup, I will listen.

 

[Cupcake]

Well to be honest I didnt get it working in my final setup last weekend. So today when I get home, I'll continue on that. Here are some thought which might help you (I don't know how much you know about VPN. Two weeks ago I knew nearly nothing...)

There are lots of different forms of VPN, some even unencrypted and are just meant to connect two networks easily. One of the most prominent protocols with encryption is Microsoft's PPTP and it's really easy to set up. All you need is hardware running as a PPTP server and a username and password. However, as of october 2012 PPTP is considered to be cracked. If someone sniffed your packets, he/she can extract the authentication key in a matter of days and then gain access to your private LAN.

Next is OpenVPN which is really great when it comes to security (and it's open source!). It combines different methods to counter all known attack vectors. So once you decide what you want, you need some hardware to run the VPN server on it. This can be any PC (windows or linux for sure, Mac I dont know). But you probably don't want a whole PC running *just* to act as a VPN server. Then there is the possibility of setting up a jail in freenas and install a vpn server there (tutorials for this exist). But any security expert would tell you not to do that and use two physically separated servers for VPN and for file hosting (freenas). Reason is that the machine running the VPN server needs to be reachable from outside your LAN, i.e. the internet. Therefore it should be a dedicated system specifically designed for that purpose.

As I use a netgear WNDR3700 router, I saw that it is possible to flash different firmware on it and remove the one from netgear. I went with DD-WRT which happens to support OpenVPN, meaning I can let it run as a VPN server. You could also buy something like an Alix board (a small device with some ethernet ports and very low power usage) and then install pfsense on it, which is an open source firewall and also happens to be able to run as a vpn server.

Your first step is now probably to find the most efficient hardware/software combination to let you run your own vpn server. Then you'll probably need a domain pointing to your dynamic IP. Gladly your freenas system has a service for that. It only requires your login and domain information of one of the sites like dyndns.org or freedns.afraid.org and will then automatically update the IP.