External Connection to NAS

Discussion in 'Networking, Telephony & Internet' started by the_antipop, Jun 9, 2019.

  1. the_antipop

    the_antipop Member

    Joined:
    Jun 11, 2005
    Messages:
    1,806
    Location:
    Gold Coast
    Morning all,
    I've run into a small issue with remotely connecting to my NAS. I have successfully installed Xpenology (Synology OS) to my NAS, and have it working internally. However, there are some issues connecting to it externally.
    I have port forwarded the following ports to the internal IP (192.168.0.15) of the NAS;
    [​IMG]

    I have also setup Dynamic DNS (No-IP) to my Router, as seen here;
    [​IMG]

    Finally, within the Synology OS, I have pointed external access to the No-Ip Dynamic DNS;
    [​IMG]

    Now, I have tried to connect to my NAS using; http://hurleynas.ddns.net:5000 - to no avail. What have I missed? Do I need to assign the internal IP to the external IP?
     
  2. Quadbox

    Quadbox Member

    Joined:
    Jun 27, 2001
    Messages:
    6,231
    Location:
    Brisbane
    Do you have any other working externally accessible services? Does your ISP use CGNAT?
     
  3. OP
    OP
    the_antipop

    the_antipop Member

    Joined:
    Jun 11, 2005
    Messages:
    1,806
    Location:
    Gold Coast
    I'm unsure - massive novice at this type of stuff. I'm using Telstra with a Gen 2 Smart Modem.
     
  4. evilasdeath

    evilasdeath Member

    Joined:
    Jul 24, 2004
    Messages:
    4,861
    check the ip on your router wan
    see if that ip matches the recird from ddns
    nslookup hurleynas.ddns.net from cmdline

    check from internal
    externalip:5000
     
  5. OP
    OP
    the_antipop

    the_antipop Member

    Joined:
    Jun 11, 2005
    Messages:
    1,806
    Location:
    Gold Coast
    Checked the WAN, it's 124.191.11.186. Matches the settings in NoIP. Did the cmdline nslookup, shows hurleynas.ddns.net points to 124.191.11.186... Weird.
    From my own network, I tried 124.191.11.186:5000, get connect ERR_CONNECTION_REFUSED...

    EDIT: I switched the WAN Supervision from BFD to Disabled. Now when I go to hurleyddns.net:5000, I get connection timed out...
     
    Last edited: Jun 9, 2019
  6. evilasdeath

    evilasdeath Member

    Joined:
    Jul 24, 2004
    Messages:
    4,861
    you can hit localip:5000 fine thou?

    i would be checking port fotward rules and ensure it is.

    also i noticed multiple ports are required are they all working from external?

    check for security rules on the NAS as well
     
  7. waltermitty

    waltermitty Member

    Joined:
    Feb 19, 2016
    Messages:
    1,019
    Location:
    BRISBANE
    [​IMG]

    Works from here bro
     
  8. OP
    OP
    the_antipop

    the_antipop Member

    Joined:
    Jun 11, 2005
    Messages:
    1,806
    Location:
    Gold Coast
    Wow. What the hell? Interesting...
    Just tried externally with my mobile using 4g - it worked! Unreal. Even works with the ddns.net link! Thanks guys
     
  9. evilasdeath

    evilasdeath Member

    Joined:
    Jul 24, 2004
    Messages:
    4,861
    whats the username/password? :p

    i'd think NAT loopback would work on the telstra router but it might also just be shit. Mine sits in the box, i'll pull it out if i need the 4g else i'll use my own router.
     
  10. OP
    OP
    the_antipop

    the_antipop Member

    Joined:
    Jun 11, 2005
    Messages:
    1,806
    Location:
    Gold Coast
    Haha.
    Just did another test - so internally, the external IP/No-IP address doesn't work - but externally it's all good. Is that normal?
     
  11. gdjacobs

    gdjacobs Member

    Joined:
    Apr 3, 2007
    Messages:
    1,511
    Location:
    MB, Canada
    Hairpin NAT?
     
  12. evilasdeath

    evilasdeath Member

    Joined:
    Jul 24, 2004
    Messages:
    4,861
    Um define normal :)

    NAT loopback/NAT hairpin is fairly common on consumer routers but its not on all equipment.

    There might be an option but i understand the telstra routers are pretty gimped
     
  13. OP
    OP
    the_antipop

    the_antipop Member

    Joined:
    Jun 11, 2005
    Messages:
    1,806
    Location:
    Gold Coast
    How would I diagnose/fix that?
     
  14. gdjacobs

    gdjacobs Member

    Joined:
    Apr 3, 2007
    Messages:
    1,511
    Location:
    MB, Canada
    Start with a traceroute and see if you're being getting any hops beyond your NAT gateway. If your gateway has locked down firmware, it'll be entertaining trying to diagnose how NAT and firewall rules are tangling together.
     
  15. ir0nhide

    ir0nhide Member

    Joined:
    Oct 24, 2003
    Messages:
    4,236
    Location:
    Adelaide
    Question; are you really sure you want to do this (expose your NAS to the internet)?

    Personally i'd never consider this; VPN all the way.
     
    bcann likes this.
  16. Quadbox

    Quadbox Member

    Joined:
    Jun 27, 2001
    Messages:
    6,231
    Location:
    Brisbane
    He said he was opening up an openvpn connection on the NAS, not like smb or nfs. Of course, you are relying on your NAS's manufacturer keeping up with openvpn patches...
     
  17. ir0nhide

    ir0nhide Member

    Joined:
    Oct 24, 2003
    Messages:
    4,236
    Location:
    Adelaide
    Yeah.

    As long as it's just VPN and there's some form of anti-brute force I guess.
     

Share This Page

Advertisement: