Access Disk1, Disk2 from remote location?

Discussion in 'Cisco/Linksys Network Storage Devices' started by jschall, Feb 23, 2006.

  1. jschall

    jschall Network Guru Member

    The User Guide is so abysmally out of date - the one available on the Linksys site is for R24, as far as I can tell. There's no version number or issue date. No information or mention of FAT32 or NTFS disk mounting, etc.

    So I have to rely on this user community for the most basic of answers :cry:

    I have succeeded (I think!) in setting up two USB FAT32 drives on my NSLU2. They are both "public" and accessible to anyone on my Wireless LAN. Great.

    My question to you is: Can one or more folders on one or both drives be made accessible from the "public" internet? Is that an existing feature? I would like to be able to view my digital photos, for example, from an internet café. The NSLU2 has a built-in web server for its administration. Can it serve its pages to the WAN side of my router (WRT54Gv5)?

    Is that possible, either with the "stock" NSLU2 firmware or with one of the 3rd party firmwares available?

    - Jeff
  2. ajnodine

    ajnodine Network Guru Member

    Yup you sure can!! How did you get 2 fat32 drives to work correctly? Without a EXT3 drive hooked up nothing works the way it should.... :sadbye:
  3. jschall

    jschall Network Guru Member

    Thanks for the quick response, ajnodine!

    With R63 firmware, which I had to install using the eraseall utility, I just plug in them FAT32 drives!

    The drive on Disk1 is a Lacie SilverScreen 80 GB (so, I can dismount it and carry it to my TV set to play mpeg4 and mp3 files).

    The drive on Disk2 is a 256MB Flash drive with some productivity stuff - todo lists, etc., that I can view and edit from anywhere on my WLAN.

    You said:

    "Without a EXT3 drive hooked up nothing works the way it should..."

    Well, as I said, those 2 drives are "public". And as I also said, because of the lousy documentation from Linksys, I just
    don't know how it's "supposed" to work :)

    So, how, exactly do I access my SilverScreen photos from an internet café?

    - Jeff
  4. d__l

    d__l Network Guru Member

    Ideally the best way to do that would be through a VPN tunnel or other secure connection method to your router. With a VPN tunnel your router would have to be capable of acting as a VPN endpoint. I don't believe the WRT54Gv5 can be flashed to a third party firmware that would offer that capability. Earlier versions of that router could be. Also your laptop would have to have a software client such as the free SSH Sentinel.

    So if you want to access the NSLU2 from a public site, your wireless portions of the transmissions to it/from it will be unencrypted. In addition, you will have to make a hole in your firewall to the NSLU2 to pass either http or FTP traffic. Because there is no password other than the default one on a FAT32 drive or the NSLU2 with FAT32 drives in it, that means that anyone probing your router could discover which ports you are forwarding to those protocols and ultimately access your NSLU2.

    Do you want the full directions on how to make your NLUS2 that publicly accessible? I can explain the details if you wish.
  5. jschall

    jschall Network Guru Member

    Thanks, d___l, but that won't be necessary. I just want to know what the stock firmware is supposed to do. Looks like the answer is - the network attached storage is only available to the LAN workstations. To make the USB drives visible from the internet would require major hacking, like poking holes in the firewall :)

    Actually, my photos are backed up to my Mirra Personal Server, a 120-GB drive combined with a Linux OS, and it IS accessible from the internet.

    I still wish I could get an up-to-date User Guide, though...

    - Jeff
  6. d__l

    d__l Network Guru Member

    I think we all would like to see an updated, comprehensive, and correct UG. :) The change log for R63 isn't even correct as to which drive formats will connect with which USB ports.

    If you wanted to connect through a wired connection over the internet to your NSLU2, it wouldn't be quite so risky. You simply forward some oddball, rarely used port to port 80 or port 21 on your "default passworded" NSLU2. The chances of a hacker scanning/probing your router and finding those forwards through the firewall are negligible. A trojan only looks for commonly used ports so there would be no problems there either.

    The real risk in a wireless internet cafe is someone snooping your unencrypted wireless packets and seeing which passwords and ports you used to access your NSLU2 or even your Mirra for that matter. Then after they capture that info from the ether, they could break into your home servers at a later date.
  7. jschall

    jschall Network Guru Member

    OK, so can someone PLEASE tell me why Linksys writes THIS in their product description, both online and in print:

    "Integrated file server -- access your files from the Internet

    ...The Network Storage Link can also be set up so that your storage devices are accessible from the Internet"

    Maybe it's covered in an up-to-date version of the User Guide (which I haven't found yet :-(
    - Jeff
  8. d__l

    d__l Network Guru Member

    With the R63 firmware and an ext3 formatted drive, the NSLU2 can be set up as an FTP server behind an internet-connected router. This router would forward port 21 requests/traffic to the NSLU2 which would have non-default passwords in use to secure the files on the drives from intruders.

    Prior to R63, secure upload/download access to the NSLU2 would have been a little more complicated and slower using a VPN tunnel and user groups/shared directories and files on ext3 formatted drives.

    If FTP is not used. but the drives are still ext3 formatted, all the files could be download accessible by placing them in a public directory. The internet-connected router would forward port 80 requests to the NSLU2 and the public files be reached from the Home page. Although accessing these files over a public link would expose them to anyone on the internet, the password of NSLU2 administration doesn't have to be used/exposed to interception.

    If you had a static IP connection, then I guess the NSLU2 could be connected directly to the modem and accessed remotely by its IP as many network cameras are set up to be accessed.

    The one setup that is the most risky is to connect the NSLU2 to the internet with only FAT32 drives attached. This means that the administration password for it is still the default setting and anyone can make any changes in settings that would be allowed by the NSLU2-FAT32 drive combination.
  9. jschall

    jschall Network Guru Member

    My situation is that I have 2 FAT32 drives attached, and I would like to access them from the Internet.

    Security is a secondary concern to me at the moment - there's nothing on the drives that is essential or impossible to replace. Anybody is free to copy my pornographic pictures :D

    I don't mean to belittle network security considerations, but for the moment I am more concerned with the access mechanism.

    The latest version firmware APPEARS to have a file server function built in. The User Guide is out of date, and doesn't mention this. But the online help file ALLUDES to it:

    "DNS Server
    A DNS (Domain Name Server) translates Internet addresses (e.g. to IP Addresses. Use the same values as on your PC, or recommended by your ISP (Internet Service Provider).
    At least one (1) DNS entry is required if using either the 'E-Mail Notification' or the 'Internet Access' feature. "

    Tantalizing! I can see the E-mail field in the Administration/Status screen, but I have not seen any screen that mentions "Internet Access".

    I have not yet been able to have the NSLU2 get its IP address from the DHCP server on my WRT54G router. I enter the WRT's address in the slug's LAN screen for the Default Gateway (having selected "Obtain IP Address automatically (DHCP client)") rather than "Fixed IP Address (recommended)". I then press the "Save" button, and after what seems ages, the Default Gateway field clears!

    I hope to get to the bottom of this mystery. Has anybody succeeded in logging into the NSLU2 remotely?

    - Jeff
  10. d__l

    d__l Network Guru Member

    Have you tried to:?

    Set your NSLU2 to a fixed IP outside of the range served by your WRT54G (as per recommendations on that page of NSLU2's settings). Also set the gateway to the IP of your router and the DNS servers to those that your router is using. Also enable Guest Logins and Convert failed logins to "guest" logins (Windows networks).

    Then set change the "Port number for HTTP (Web Browser) connections to this server:" to something like 7080 (not 8080 because that is commonly used). Remember once you change this port number , you will forever have to use NSLU2 IP:7080 when ever you want to access your GUI until you change it back to just 80.

    Then set your WRT54G to forward port 7080 TCP to your NSLU2's IP.

    Then at a remote site, you browse to your WAN static IP such as aaa.bbb.ccc.ddd:7080 or your WRT54G's FQDN that you have previously registered with a DDNS organization and set up in your WRT54G, ie., at which point you should end up at the Home page of your NSLU2 from which you can access and download (only) from the public directory of each drive.

    Remote FTP access methods are similar.
  11. jschall

    jschall Network Guru Member

    Thanks for all the detail, d___l.

    Some questions, though:

    The default "Port number for HTTP (Web Browser) connections to this server:" is 80.

    Why should one change it to 8080 or 7080? If I leave it at 80, will it be accessible? If I change it to 8080, would I still have to change port forwarding in the router?

    When you say "not 8080 because that is commonly used", are you talking about security, or is there another reason not to use 8080?

    - Jeff
  12. d__l

    d__l Network Guru Member

    Switching to a different port would give you a minimal amount of security. Hackers routinely scan for port 80 access, so people switched to 8080, but everyone knows that trick now so that port is also scanned as well as others in the 808x range.

    Some trojans also scan for port 80 and 8080, etc., but if they find that port open it is likely they can't do much to infect or disrupt your NSLU2.

    Some ISP's block incoming port 80 accesses to prevent their customers from operating webservers. If yours does, then trying to access the NSLU2 on port 80 from a remote site would fail.

    If you leave it at 80 (assuming your ISP doesn't block port 80) , it will be just as accessible to you, but remember if a hacker finds it, they can always change NSLU2 settings maliciously to disrupt your remote access.

    The access method listed previously is sort of the generic standard method. It should work, but the devil is always in the details. :)

    Would you ever want to remotely upload data? If so, then you would have to use FTP access.
  13. jschall

    jschall Network Guru Member

    Thanks for the added detail, d___l! (How do you pronounce that, anyway?) :)

    Here's what I got from Randel the Script Monkey at Linksys Live Chat:

    Go to administration tab then go to the system sub tab.
    At the very bottom of the page, look for 'port for http connections' enter 1024 on the port field. Click save settings.
    Don’t use port 80; you could use any values above 1024.

    Minimize the storage link's setup page and then launch another browser. Type on the browser and then login. Go to applications and gaming tab. Type NSLU2 on the application name. Type 1024 on the start and end boxes. Set the protocol to both. Enter the IP address of the storage link and then enable. After that, click save settings.

    To access the storage link over the internet, launch Internet Explorer and type http://the Internet/public IP address:1024. You can find the Internet/public IP on the status page of the router. Example:
    And, guess what? It works!

    Then I asked Randel another question:
    I would like to get an up-to-date User Guide for the NSLU2, if it exists!
    Randel Joseph A(10135): Ok.
    Jeff: Do you know if the User Guide has been updated yet? The one on your site is dated May, 2004, before 2.3 R24! There are a lot of new features in 2.3R63, which dates from July 2005!
    Randel Joseph A(10135): Sorry but we don't update our user guide.
    Jeff: Say what? You add new features the market wants, then you don't document them? I'd better talk to your supervisor! Please give me an email address!
    Randel Joseph A(10135): We only do updates on the firmware.
    Jeff: OK, bye!

    GOOD GRIEF! :eek:

    - Jeff
  14. WRF_54

    WRF_54 LI Guru Member

    Well I hate to ressurect on old thread...but it kinda hits where I am going ...or at least trying to go with my NSLU2. I am wanting to set it up as a internet accessable nas point using a VPN tunnel. I have a RV042 router and have used the QuickVPN client to connect to a IP address of a desktop machine in the office ..from I know the client and the router are working fine...but when I try to access the NSLU2 I am told that I do not have the permission to do so. I have changed the IP of the NSLU2 to on my internal network...and I can access the drive and see the folders I created there on "Disk1" ...internally....but via the VPN I cannot. I must be missing a step in the setup of the folders/shares I'm I thinking straight here??...any help would be greatly appreciated.
  15. d__l

    d__l Network Guru Member

    Can you ping the NSLU2 through the VPN? Is the gateway setting on the NSLU2 set to be the IP of the RV042?
  16. WRF_54

    WRF_54 LI Guru Member

    Nope....I did not ping the NSLU2...but when I try to add the drive to my network places I get a password box that pops I think it can be seen...but not accessed. I do have the gateway set to point to the RV042.
  17. d__l

    d__l Network Guru Member

    This might be more of a XP problem with UserID/PWs than a NSLU2 problem. I know that when I start my NSLU2 up after it has been stopped, I frequently can't log in to it. Then repeated attempts always fail. It is as if there is only one login attempt allowed. So far the only way I've found to overcome this it to reboot XP and retry the login which is always succesful then.

    There are some tests you might try to prove this is a problem with your XP computer's network permissions. First can you log onto the NSLU2's public GUI page through the VPN? Then can you log into the administration page with the administration ID/PW?
  18. WRF_54

    WRF_54 LI Guru Member

    Ok...I'm a dork....:redface:. When I finally got home tonite I logged in thru the VPN and was able to both ping...and get to the GUI without a hitch. Here is what I did WRONG last nite.....I put the wrong frikken name for the disk volume on the NSLU2.....:knock: I checked this morning at the office to see if I had set up the shares right...and it all checked out...but I did notice that the volume name for disk1 was spelt "Disk 1"...I had left out the buggering space last nite...and consequently was denied access to the drive..go figure. Damn I hate that when you have a total brain fart....:doh: Anyways the darn thing works as advertized and I was able to upload and download files. I did notice as well that the firmware on my device is V2.3R24....and I just bought this thing last week. From what I have read here so far the jury is still out on the 63 revision...should I stay where I am...or is there another version better than the 24 I currently have. Thanks again for the help d__l....:thumbup:.
  19. d__l

    d__l Network Guru Member

    I think R63 adds some critical features and I don't know what you could have read that was bad about it other than the telnet access was removed in R25. R63 adds NTFS support (but this is somewhat buggy), more FAT32 support, and most importantly FTP capability.

    You might want the speed of FTP for moving files through your VPN tunnel which adds its encryption overhead and thus slows down the transfers. Normal SMB file transfers from the NSLU2 through Windows have their own overhead too.

    Earlier official firmwares were R25 which had minor fixes and R29 which was the last official firmware before R63.

    I've been using R63 for about a year with no problems other than my back up file jobs were locked to those that I had set up on R29. A restore default configuration fixed that.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice