Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




52 posts

Master Geek


Topic # 106300 21-Jul-2012 13:10 Send private message

I’m wanting to establish NAS at home for backup and file internet access and would appreciate some advice. I have an iMac and a PC desktop, iPhones and a few laptops, all of which I’d like to have access a NAS; probably 4TB. I want the NAS to be hidden in the house somewhere away from the desktops. I’ve read reviews on gear and the more I read the more confusing things can become as I’ve never actually seen a NAS setup or spoken to anyone who knows what one is.

Even though I want the NAS hidden, I’d like to run ethernet to it as I believe read/write would be faster – I’m not sure? The of course, the cable is a giveaway that there’s more hardware to be found should there be a break-in at home. So, I’m in two minds here.
Time Machine? WD My Book? Something else? Dunno what’s a good solution. Any help appreciated please

View this topic in a long page with up to 500 replies per page Create new topic

This is a filtered page: currently showing replies marked as answers. Click here to see full discussion.



52 posts

Master Geek


  Reply # 705686 24-Oct-2012 13:27 Send private message

Thanks

Bought QNAP 410 and a Netgear GB switch and couple of WG drives. I'm ready to go.......

368 posts

Ultimate Geek
+1 received by user: 1


  Reply # 708179 29-Oct-2012 02:21 Send private message

Yorkshirekid: Ok - I'm [technically] stuck.

RTFM - done that. But still can't figure out out to configure the NAS and need advice please.

The basic config is done, but I don't understand how to get the NAS into a state where it can reach it from the www. Meaning I want to be able access it from my iPhone or cafe in Auckland, Wellington, TimBuk2... And anyone else in the family too.

It's the setting up of the DDNS that i can't figure out. I believe I need to do this via my ISP or some other service? If it is from 'some other service' then is there a free option? I need a step by step instructions or a friendly Geek that can guide me though this process please.


Hmmm, Cafe in Auckland.... not sure about Timbuktu, but Mopti doesn't have a whole lot of Internet happening. ;-)

So... I'd set up a DDNS on the router. A lot of routers have predefined services and you can select one. I chose DynDNS.

This just marries a private IP address with a Global IP address.

This will give you access to your home LAN from an external Global IP address.

You can now drill (port-forward) data over port 80, 8080, 21 and etc into your LAN. I would strongly suggest NAT outside of well know ports, thus slowing down port scanners slightly.

This is extremely insecure and even with source/destination IP address filtering one is still prone to attack. Not recommended.

The best approach is to create a VPN Server in your local LAN and then use the likes of OpenVPN(best)/PPTP(weak security) with the appropriate firewall/IP filtering in place.

QNAP or Synology NAS both support OpenVPN and PPTP servers.

As the NAS holds ones precious things, one could elected to use a router as an OpenVPN and PPTP server and then add one last IP filter on the NAS Ethernet. This just gives one more level of separation  from the world to your data.  

If you are heading out beyond Bamako, then OpenVPN is the only real answer, oh and a good battery.

All this works fine in an Android, TomatoUSB and QNAP(most probably Synology too)  environment.

ADSL2+ upload at ~850Kbits is the biggest party pooper in the whole package. ;-)

368 posts

Ultimate Geek
+1 received by user: 1


  Reply # 708273 29-Oct-2012 11:22 Send private message

Ok. Lets walk and talk.

If we go through the whole process using only your NAS, we can create the solution you require.

This has no consideration for hardened security and is just to provide a solution, so that a process can be understood.

1). Create a Dynamic DNS name.

    We will use www.dyndns.com. You will create an account with the organisation and you will register a global DNS IP host name you have chosen.
    i.e. dogon.dyndns-home.com    
    
    This DNS name is then mapped to your ISP IP address currently being used.
    
    This is my DDNS. There are many like it, but this one is mine.
    My DDNS is my best friend. It is my life. I must master it as I must master my life.
    My DDNS, without me, is useless......    
    
2) Create a DDNS connection from your QNAP NAS.

   System Admin -> Network -> DDNS.
   
   Now fill in the field with the information you have from creating your DDNS entry on www.dyndns.com

   DDNS Server: www.dyndns.com
   Username:
   Password:
   HostName: hostname you created on www.dnydns.com   
   
   Apply.

   
3) Check status.

   Your NAS should now see a path to the network and should say, "DDNS update success" in the Recent DDNS Update Result display.

4) You will now access your NAS by addressing it as dogon.dyndns-home.com on the IP port of the service you wish to access. 21/20 for FTP, 80 for HTTP or 443 HTTPS etc.

  
Set up DDNS Service for Remote Internet Access to QNAP NAS


Now you will read, that you have to enable access from the outside world through your modem/router to your NAS.

This means granting the _WORLD_ access to your NAS on the services you select.

This could be:
Port 80 or 8080 for web access if you are hosting a Web server on your NAS.
Port 21 and port 20 for FTP depending on configuration.
Port 23 for mail
Port 3306 for MySQL data access.

And the list goes on.

This would mean a Username/password on your NAS is the only thing stopping a hacker from uploading hacker software to your NAS and converting it into a zombie bot. If that doesn't scare the living daylights out of you it should!!!

To slow the hackers down..a bit, you _MUST_ enable IP network filtering on your modem/router/NAS or bespoke firewall to restrict IP source/destination addresses to a manageable 'group'.

Assuming you're a home user and not a corporate providing a Web service, the above would just be madness and a recipe for disaster.

Now using a secure tunnel, namely a VPN comes to the fore. The QNAP NAS supports PPTP (easy to setup and use, but weak security) and OpneVPN which is more secure with client/server certificates.

Using a VPN removes the requirement to open well know IP ports on you modem/router; which light up like a lighthouse to any would be hackers. You now only have to open the PPTP port and GRE IP protocol or OpenVPN port to gain access to your NAS. This provides a security challenge before your even get to the User/password level of your NAS.

Again, this is not ideal as all this is happening ON your NAS and as any security person would tell you, security vetting should be done as close to the access point(ISP) as possible to limit the risk of forced access.

However, a VPN on a NAS is the best of a bad thing and would be the minimum level of security I would have in place before I allowed an access to my NAS/LAN.

In an ideal world the postman delivers mail to the post-box at the entrance to your property. He/she does NOT deliver your mail to your bedroom. (Unless you have an arrangement ;-)

All the above assumes you have a stable switched/routed LAN environment with no other problems related to TCP/IP data traffic.

This is just the tip of what is involved in setting up LAN access from the Internet.



 



368 posts

Ultimate Geek
+1 received by user: 1


  Reply # 715438 11-Nov-2012 12:58 Send private message

QNAP say the following of WDC Caviar Green HDD in a QNAP NAS:

As listed 7-11-2012

http://www.qnap.com/useng/index.php?sn=4085&lang=en-us

Note5 (WD Green & Seagate Green)
These hard disk drives have passed QNAP lab's initial verification of compatibility. However, because many users have reported unstable experience with these hard disk drives, we do not recommend using these hard disk drives with QNAP products. WD10EADS-00P8B0 and WD15EADS-00P8B0 are not suggested because of slow performance and stability issues.

So they have passed QNAP compatibility tests and I have read on Geekzone that people are successfully using WD Green HDD in a NAS RAID environment without problems.

You will also note the WD Green drives noted by QNAP are no longer sold in the latest WDC line of Green drives, which may imply a more robust WD Green line up.

If you look at the Synology HDD compatibility list it notes the latest WD Green HDD without any caveats 

http://www.synology.com/support/hd.php?lang=enu

As the WD Red HDD are relatively new I'm guessing they command a premium price at the moment, but I do see PBTech has dropped the price on the WD Red HDD.

For myself, I just feel a bit more comfortable using a WD Red HDD over a WD Geen HDD in a QNAP NAS based on the information I have read. But as Ragnor notes, that comfort level does come at a price.

View this topic in a long page with up to 500 replies per page Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





Trending now »

Hot discussions in our forums right now:

22nd Only: PB Tech BROTHER HL1110 Mono laser Printer $15 shipped(after $30 cashback)
Created by loceff13, last reply by old3eyes on 22-Oct-2014 18:40 (18 replies)
Pages... 2


Who Audits IRD?
Created by gundar, last reply by charsleysa on 22-Oct-2014 15:52 (18 replies)
Pages... 2


Spark Socialiser
Created by freitasm, last reply by freitasm on 22-Oct-2014 18:39 (34 replies)
Pages... 2 3


American legal jurisdiction in New Zealand
Created by ajobbins, last reply by gzt on 21-Oct-2014 14:58 (30 replies)
Pages... 2


HERE Maps beta available to all Android 4.4 devices and up
Created by freitasm, last reply by hamish225 on 22-Oct-2014 17:54 (14 replies)

Another Trade Me competitor: SellShed
Created by freitasm, last reply by SellShed on 22-Oct-2014 11:54 (42 replies)
Pages... 2 3


Abnormal upstream data usage - Vodafone Cable Wellington
Created by otherside, last reply by otherside on 22-Oct-2014 17:11 (12 replies)

Snap have failed our company!
Created by dafman, last reply by toejam316 on 22-Oct-2014 13:03 (25 replies)
Pages... 2



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.