Menu
What's new
By:
Filters Better Search

Accessing NAS from internet issues

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

flowrider

flowrider

Regular Contributor
I know that many of you don't think that allowing access to your NAS is a good idea from the internet but help me out anyhow!!
I have a new Asustor 304T NAS that I'm trying to setup. They have a utility called EZ-router which is supposed to help you route traffic from the internet to the NAS. Anyhow I'm getting a double NAT I think. Here's a screenshot of the error I'm receiving.
i-jMG9gGH-X3.png

My setup is as follows:
Actiontec 1200H modem/router bridged on LAN port 1
LAN 1 to Asus AC68 WAN running OpenVPN. Lan port to switch.
NAS connected to switch.

Anyway I'm not too sure how to fix this. My networking skills are rudimentary at best. If anyone can give me a suggestion so that I can fudge around and try and fix this it would be appreciated.
Steve
 
Is the router/modem in PPPoE bridge mode, if your modem uses that mode from the DSL company?
 
I have no idea Joe. It is the modem from the DSL company. I'm amazed that they switched me to this modem/router as it is where I could bridge one LAN port. I'll have a look again but it's literally one radio button and it's done.
 
Sounds like the Actiontec isn't really bridged. If you can access its admin, check it out
 
According to the menus I am in bridge mode. Here's some screens of my modem setup.
I have IPTV so I wasn't sure I I could change my setting to PPPoE. Is there a way to check to see if I'm truly bridges or not? I don't want to bridge the AC68 because it's running Openvpn.
i-sr9vjvf.png

i-HGKvWrJ.png
 
ASUSTOR's EZ-Router function appears to be trying to use UPnP to open router ports [article]. So make sure UPnP is enabled on the ASUS router. If it still doesn't work, open the required ports manually.
If that still doesn't work, then something is off in the Actiontec bridge implementation.

You could try putting the ASUS WAN port IP address in the Actiontec's DMZ. This doesn't reduce your security since the ASUS' firewall is protecting your LAN (except for the ports you open to the ASUSTOR). And if the Actiontec were really bridged, all ports would be open to the ASUS anyway.
 
I just checked and I think I'm checking the correct tab but it's enabled. I'm not too sure what ports I'm supposed to open though.
i-WsFWqFg-X3.png
 
I also tried to add the routers Wan address to the router/modem but it wouldn't take it saying that that it was an invalid IP
 
flowrider said:
I also tried to add the routers Wan address to the router/modem but it wouldn't take it saying that that it was an invalid IP
Click to expand...
If the ASUS WAN IP is a public routable IP, it means that the Actiontec is bridged.

I agree UPnP looks enabled in the ASUS. So open the ports manually. The ports you open depend on the services you are trying to access. Look at the ports in the linked EZ-Router article for a start.

Remember, common service ports like 80, 8080, 443, etc. will be found within minutes, if not seconds. Make sure you have a damned strong password for the NAS itself and all shares.
 
Thanks Tim. Ok so on a lark I disabled my OpenVPN client for Private Internet Access and disabled it. EZ-router now connects fine. I want to be able to run both services. Not too sure where to go from here.
 
flowrider said:
Thanks Tim. Ok so on a lark I disabled my OpenVPN client for Private Internet Access and disabled it. EZ-router now connects fine. I want to be able to run both services. Not too sure where to go from here.
Click to expand...
Well THAT certainly makes a difference!

Why not just access your NAS through VPN?

How are you checking access from the Internet?
 
Okay so an update.
If I disable the OpenVPN client all seems to work. I'm using Merlins newest firmware so what I've done is created a Policy rule for my 2 Apple TV's and main desktop to route through the VPN tunnel. That all seems to work. When I check EZ-router now, some services seem to work (WebDAV) but some don't (FTP, Web Service, etc). I didn't think about access the NAS through VPN if I get you correctly. Are you saying setup a VPN server on the router and go in through that? I'll give that a try. My only issue with that is I don't think I can get through when I'm at work since I'm behind a proxy (or at least it didn't work the last time I tried it).
 
I'd not want to open NAS access to the Internet without at least SSL or VPN, probably the former. Then you have the hassle of getting a certificate, etc.
Synology and QNAP and (who else?) have SSL-only access as an option.

I have opened a router port to do so, on rare occasion. (I do NOT enable uPNP in my LAN!). I sometimes open ports for the NAS, but only for a short duration. Just too many scanners out there and they know the port numbers often used by NASes and they even know vulnerabilities of the Linux versions used by each OS release from NAS vendors.
 
Last edited:
I wouldn't open a NAS box to the internet, just too risky... again, I'm also a person that strongly recommends not putting USB drives on router/AP's...

And like Stevech, I'm not a big fan of uPNP/NAT-PMP - so I disable it, and only open up ports on an as-needed basis...
 
Thanks for your help everyone. I ended up using selective routing on the AC68 and it works fine. OpenVPN and Private Internet Access was blocking any access to the NAS. I'll see how much I actually need to access the NAS through the net then decide whether to block it or not. Some very compelling reasons why to close it off or not.
 
You must log in or register to reply here.

Similar threads

Q
Weird issue with an GT-AX6000 when maxing out ISP provided speeds.
Replies
9
Views
372
Quetz
Q
B
OpenVPN on Asus Router: Synology NAS Fails to Update AntiVirus Definitions
Replies
6
Views
647
billybob2
B
B
Solved GT-AXE16000 port forwarding for Synology NAS
Replies
3
Views
484
B-dog66
B
O
Network Overloaded with NAS + wifi? Is is possible?
Replies
2
Views
357
glens
G
J
Could a router be hacked from WAN end if firmware always up to date, no portwarding, no upnp and wifi disabled.
Replies
5
Views
887
coxhaus
C
Similar threads
Thread starter Title Forum Replies Date
P Typical home NAS setup for family pictures/videos General NAS Discussion 15
thiggins Free NAS Testing Program Invitation from UGreen General NAS Discussion 18
G Zyxel NAS 540 hardware info General NAS Discussion 0
F Migrating Data from one NAS to another General NAS Discussion 1
sfx2000 FriendlyElec CM3588 DIY NAS board - 4 SSD M2 slots General NAS Discussion 13
C Windows NAS - Windows 11 General NAS Discussion 17
H Commercial or DIY NAS General NAS Discussion 22
I LG Nas N2R1 Error Code 0x80070035 General NAS Discussion 4
E Average NAS disk age? General NAS Discussion 13
W NAS questions General NAS Discussion 13

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 830 (members: 13, guests: 817)
Top