NAS remote access questions


jimtron
5th July 2009, 06:38 PM
I'm a Mac user with a DSL wireless modem/router. I've been looking at NAS (network-attached storage) drives, but I've never used one. I'm wondering if I can access a NAS remotely (when I'm away from my office) without my computer being on. (I'm familiar with Back To My Mac, but it seems buggy and I'd prefer not to leave the 'puter on 24/7).

Can I access a NAS drive connected to my router/modem without a computer powered on? If so, do I need a static IP?

Ducky
5th July 2009, 08:19 PM
http://en.wikipedia.org/wiki/Network-attached_storage

The links at the bottom of that article may help.

Basically it's its own server on the network. You will need a static IP to forward to on your internal network, but not necessarily a static external IP (using a service like dynDNS makes a static IP not needed, for your external internet IP.)

If you use a FreeNAS setup, you can ssh to it, or use several methods to attach to it.

http://en.wikipedia.org/wiki/FreeNAS

GreNME
5th July 2009, 08:23 PM
Mark me up as a vote for OpenFiler, though FreeNAS is a good choice as well.

Ducky
5th July 2009, 09:03 PM
Mark me up as a vote for OpenFiler, though FreeNAS is a good choice as well.

Haven't tried much with OpenFiler. From the specs it looks comparable.

NexentaStor is a great option due to ZFS support. Quick snapshots, etc.


(Then again, I am currently enamored with Nexenta as a project, because it gives me OpenSolaris goodness - ZFS, Zones, etc. - and gives me a Debian-style apt user land/packaging. YMMV)

jimtron
5th July 2009, 09:29 PM
Thanks for the responses folks.

Basically it's its own server on the network. You will need a static IP to forward to on your internal network, but not necessarily a static external IP (using a service like dynDNS makes a static IP not needed, for your external internet IP.)
I have a dynamic IP address (I think...) with my ISP (AT&T). So if I use something like dynDNS then I don't need to pay my ISP for a static IP?

Openfiler and FreeNAS would be installed on the NAS, right?

eta: Does my router/modem need to have any special features for this? Are there any firewall issues (not involving my Mac, but with connecting to the NAS via my router)? I remember when I was trying to configure BacktomyMac, you had to have a router with NAT and UPnP etc. Is it simpler with a NAS only?

Ducky
5th July 2009, 09:31 PM
Thanks for the responses folks.



I have a dynamic IP address (I think...) with my ISP (AT&T). So if I use something like dynDNS then I don't need to pay my ISP for a static IP?

Openfiler and FreeNAS would be installed on the NAS, right?

That is correct. Head to dyndns.org to see how to set it up.

OpenFiler, FreeNAS, NexentaStor are all operating systems to turn old computer hardware (or new) into a NAS. If you have bought specialized hardware that already runs its own OS, you don't need to bother yourself with the uber-geek session between me and GreNME.


Your DSL modem has a firewall on it; you'll need to port forward your connection type of choice to the NAS. Hint: You may want to put the external facing port above the 30k range to avoid folks who scan for things to poke at.

Ducky
5th July 2009, 10:03 PM
eta: Does my router/modem need to have any special features for this? Are there any firewall issues (not involving my Mac, but with connecting to the NAS via my router)? I remember when I was trying to configure BacktomyMac, you had to have a router with NAT and UPnP etc. Is it simpler with a NAS only?

That edit has a lot of info to be shared to answer it.

but I need to know this first:

How are you going to connect to your NAS? SSH? SAMBA? NFS? Do you have a specific client in mind to connect to it (like FUSEFS, etc.)? I.e., what ports are you going to need to connect to? You will need to modify your firewall to forward those ports directly to your NAS. If you use an Actiontec modem for your DSL I can walk you through that.


GreNME: What am I forgetting to ask/tell here?

jimtron
5th July 2009, 10:11 PM
How are you going to connect to your NAS? SSH? SAMBA? NFS? Do you have a specific client in mind to connect to it (like FUSEFS, etc.)? I.e., what ports are you going to need to connect to? You will need to modify your firewall to forward those ports directly to your NAS. If you use an Actiontec modem for your DSL I can walk you through that.


Sorry, I don't know the answers to those questions. I'm not too experienced with network stuff. My current router/modem is a 2Wire 2700HG-B. I don't have a NAS drive yet. I'm looking for a relatively easy way to access files from the NAS remotely.

Ducky
5th July 2009, 10:18 PM
Sorry, I don't know the answers to those questions. I'm not too experienced with network stuff. My current router/modem is a 2Wire 2700HG-B. I don't have a NAS drive yet. I'm looking for a relatively easy way to access files from the NAS remotely.

OK, here's what I have for you, and as usual, this is to be taken with a grain of salt.

Read through this article (http://www.automatedhome.co.uk/Reviews/Mapower-KC-31N-NAS-Review.html), and then come back to us with questions. It will give you the basic idea of what you would have to do in a general sense for any NAS device you want to set up. Basically the info we need to know is this:

1) What device are you going to buy/build (*for specific set up instructions)
2) How are you going to access it
3) Questions related to configuring your router/firewall for this device (specific to your set up.)

jimtron
6th July 2009, 12:31 AM
Ducky, I'll read that article and report back when I learn more and figure out which hardware I'll be using. Thanks.

Ducky
6th July 2009, 01:53 AM
Ducky, I'll read that article and report back when I learn more and figure out which hardware I'll be using. Thanks.

Hey sounds good. Once we have some specifics, I think I can better help you set it up.

GreNME
6th July 2009, 10:08 AM
GreNME: What am I forgetting to ask/tell here?

I wouldn't have said forgetting, but I would have said that you jumped ahead of some stuff. Some of the preliminary questions for jimtron (in order):

1) What do you want to connect to the NAS with from outside of your home? Finder? A web browser? An FTP client? How you answer this will answer the first part of what Ducky was asking. If what you're looking for is a recommendation, then the answer may differ depending on...
2) What are you looking to accomplish with it? Are you looking to have the same type of access that you have while in the home? In other words, are you looking to be able to open that video file that's on your home computer from your work location? I can tell you that you're not likely to get the same quality of connection from outside that you have inside, but what you aim to accomplish will determine which methods you have available to you.
3) How comfortable are you fiddling with the settings on your internet router? When you're talking about accessing network resources inside of a local network, you have to be aware that the chances of someone you may not want eventually trying to get access to your stuff are very high. Your router already has lots of built-in measures to prevent (well, kinda) these attempts, and you need to be aware that fiddling with the settings is going to mean following several steps to avoid turning off those protections.
4) Do you expect to be able to have the NAS recognize your computer connecting in from the outside the same as if it were connected from within your local network? I can warn you ahead of time that while this isn't impossible, it has several caveats and depends on what kind of router you have, what kind of internet connection you have, and what kind of NAS device you have in order to make this even remotely possible. Considering the slower performance of this (among other things), it's not recommended, but it can be done.

Hrm, I wonder... Ducky, are there any consumer appliances that run any kind of Citrix-like or VNC-like services to mitigate these kinds of connections? I can't think of anything, but having something like that-- sort of like a LogMeIn-type appliance-- would make this a snap.

And if there isn't: what do you think the chances are that no one has thought to patent such a device?

jimtron
6th July 2009, 11:26 AM
I wouldn't have said forgetting, but I would have said that you jumped ahead of some stuff. Some of the preliminary questions for jimtron (in order):

1) What do you want to connect to the NAS with from outside of your home? Finder? A web browser? An FTP client? How you answer this will answer the first part of what Ducky was asking. If what you're looking for is a recommendation, then the answer may differ depending on...
2) What are you looking to accomplish with it? Are you looking to have the same type of access that you have while in the home? In other words, are you looking to be able to open that video file that's on your home computer from your work location? I can tell you that you're not likely to get the same quality of connection from outside that you have inside, but what you aim to accomplish will determine which methods you have available to you.
3) How comfortable are you fiddling with the settings on your internet router? When you're talking about accessing network resources inside of a local network, you have to be aware that the chances of someone you may not want eventually trying to get access to your stuff are very high. Your router already has lots of built-in measures to prevent (well, kinda) these attempts, and you need to be aware that fiddling with the settings is going to mean following several steps to avoid turning off those protections.
4) Do you expect to be able to have the NAS recognize your computer connecting in from the outside the same as if it were connected from within your local network? I can warn you ahead of time that while this isn't impossible, it has several caveats and depends on what kind of router you have, what kind of internet connection you have, and what kind of NAS device you have in order to make this even remotely possible. Considering the slower performance of this (among other things), it's not recommended, but it can be done.


Hrm, I wonder... Ducky, are there any consumer appliances that run any kind of Citrix-like or VNC-like services to mitigate these kinds of connections? I can't think of anything, but having something like that-- sort of like a LogMeIn-type appliance-- would make this a snap.

And if there isn't: what do you think the chances are that no one has thought to patent such a device?



1) FTP would be good--I'd mainly be moving large image files.
2) Just file transfer. I would want to retrieve files, download them to the remote computer, and then work on them (no need for streaming or editing files while they reside on the NAS).
3) Moderately comfortable. I'm definitely no networking genius, but I have a pretty good aptitude for IT stuff. I'd prefer to keep things pretty simple but I don't mind doing some work to get it going.
4) No, just simple file transfer.

GreNME
6th July 2009, 11:57 AM
Okay, that's something where you could definitely work this out.

One of the things you'll need to be able to do is change your router's settings to forward FTP traffic to the IP location of the NAS device. You're going to want to make sure to have a good, strong password on your NAS for this (security first, after all). As Ducky pointed out, having a dynamic DNS setup will allow you to use a memorable name as your FTP address, but in a pinch you can also use your numeric IP. The setup should be pretty minimal in terms of working out the networking trickery, provided you have a router that can forward traffic to a specific IP and you set the IP address on your NAS to the target IP address (this is usually found in the setup section on the NAS device as a 'static IP'). Pretty easy-peasy, as far as those things go.

Some considerations:

You can reasonably expect that, at some point, some kid is going to come across your home IP address and try every trick they can find on the intarwebs to crack their way into your NAS. Hence the strong password being necessary. If you want to be super-duper careful about keeping the connection safe, you might want to see if your router can do VPN connections, or find a router that can do them. Setting your router to allow the VPN connection and connecting to your FTP on the NAS will ensure that anyone else must follow both steps in order to reach your NAS. That's a little more tricky, but if your router can do VPNs then it's not too difficult and would help to negate the need to use the forwarding mentioned earlier-- you would connect using the internal LAN access that the VPN provides you (once connected).

That's the best-case scenario. Not all consumer routers have VPN access, or don't have it enabled. There are some routers that can be flashed with a 3rd-party firmware that allows you to do this (DD-WRT FTW), but that's another ball of worms or can of wax, so to speak.

Ducky
6th July 2009, 01:54 PM
Yeah. It's obvious why they keep me squirrelled away in a data center and don't let the public talk to me. I don't clearly articulate things on easy to follow levels. GreNME is right, I did jump ahead, and I asked questions that were obscure in jargon, rather than clear. I could take some notes from his posts.

This is why I don't handle desktop support. ;)

I have more to post, but I am late. I will post more when I get back to the office.

GreNME
6th July 2009, 02:01 PM
Hey, that's nothing, man. You should see trying to translate stuff to the management board for allocating money to IT. Now that is a pain in the rear that needs a few stiff drinks afterward (and maybe one or two before).

Ducky
6th July 2009, 02:54 PM
Hey, that's nothing, man. You should see trying to translate stuff to the management board for allocating money to IT. Now that is a pain in the rear that needs a few stiff drinks afterward (and maybe one or two before).

Yes...I remember trying to explain what a Solaris Zone was when we first started talking about hardware consolidation.

Nothing like getting the glassy eye treatment.


Ok, here's what I have so far (next post):

Ducky
6th July 2009, 03:12 PM
Jim, I'd like to verify I have everything correct:

1) You want a low power use storage device network accessible from both internal and external sources to your network.
2) You want to use the FTP protocol (since you're on a Mac, I assume Cyberduck, or Finder etc. in a GUI form) to access files there.
3) You do not need fancy and neat functions to go along with your NAS device, just FTP.
4) You run Macs and don't want your home computer to be on 24/7 (hence this device.)

About right?


So the steps I see are as follows:

1) Determine the device to purchase or build using old computer equipment.

This step is where we're at. As a side note, there are online services like MobileMe etc. that cut down on whether you need this hardware at all. I am going to assume that you prefer your data to be on your own hardware and not out in the cloud, or you would have checked out online storage services. Just wanted to mention them. They don't take any changes to your network.

2) Set up said device on your internal network and make it work.

This step will probably be the most time consuming. I would like to give some tips for this. You shouldn't use FTP. You should use SFTP, SCP or FTPS. The difference is a layer of security. Internally on your own network it wouldn't matter but since this is also going to face the world and be used over open internet, it's probably good to have your sessions encrypted with SSL so you don't broadcast your passwords in clear text across the internet. That said, most purchased NAS devices support this, and every one I know of that you can homebrew can be set up with this.

If you purchase:

Bring the device home, read the instructions, and plug it into your network. There will be a web page accessible at the IP address it is given for configuration. These steps will be fairly straightforward. The biggest trick is figuring out which address it was assigned internally to your network, and then making that a static IP address. This is done in your DHCP server which is most likely also your DSL modem. For that, you would also navigate in your web browser to the IP of your DSL modem, log in with whatever credentials you have in place, and change the DHCP service for your NAS device by assigning a static IP address to it. This generally is done in a section called "DHCP Reservations" or whatnot. Assigning this static IP will be based on the MAC address of the network card in your storage device. That should auto populate in the table showing the DHCP assignments on your modem. Here is a link to help you figure out how to configure your DSL modem:

http://portforward.com/

The above steps will require questions, feel free to ask them here. GreNME and I are happy to help (despite being pedantic prats from time to time.)

Once that is done, you need to tell your DSL modem to forward the ports for your service from the outside world to your NAS device. Here is where I am going to suggest a multitude of things to help stop johnny script-kiddy from owning your files.


1) The port facing the outside world should not be the standard port. Make it something up in the 30,000 range. I have several ports facing the world on my home machine and only when I absolutely have to do I run them on the standard settings. My SSH port is in the 20,000 range. This is a number high enough that standard scripted scans don't bother to search that range.

2) Use strong passwords. (http://www.lockdown.co.uk/?pg=password_guide) I'm serious. This is the easiest way to get owned. Your password should be a minimum of 12-16 characters and use upper case, lower case, numbers and symbols. Preferably this shouldn't be dictionary words, but randomized sequences.


If you want to build this device out of existing hardware not currently used, or set up a service on your mac, that's another ball of wax that shares many of the steps above, but has more info you'll need.

Does that help?

Christian Klippel
6th July 2009, 03:14 PM
Hello,

Just wanted to point out that one can also use S/FTP instead of regular FTP. This would avoid the step of setting up a VPN. Since it is based on SSH/SCP, one can then generate and use a key-pair, one for the NAS and one for the computer, and use that as an extra authentication step, instructing the NAS to not automatically generate keys on the first connect. That way, a password alone won't help to break in. It also allows you to get rid of the password completely, although I wouldn't recommend that since it allows direct access for everyone who is able to get access to the remote computer.

However, if plain FTP is to be used, I would also recommend setting up a VPN tunnel, as GreNME mentioned. Keep in mind that FTP passwords are sent in plain text, so if someone is sniffing on your internet connection, it would be easy to get the password. That sniffing could happen on the remote network, or through a trojan on your home network, or through a DSL modem that someone can get remote access to.

Greetings,

Chris

Edit: Just saw that Ducky beat me to it re: S/FTP while I was writing this message ;)
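
Added example, not part of any post in this thread: a small Python audit of an OpenSSH sshd_config plus the router's port forward, checking the two pieces of advice above (a high external port, and a key pair required in addition to the password). It assumes the NAS runs a current OpenSSH server; the sample configs, port 30022 and the finding names are constructed for illustration.

```python
# Added example: audit sshd_config text against the thread's advice.
# Sample configs, port numbers and finding names are constructed.

WEAK = """\
# constructed: appliance-style defaults
Port 22
PasswordAuthentication yes
Subsystem sftp internal-sftp
"""

HARDENED = """\
# constructed: key pair AND password both required
Port 22
PasswordAuthentication yes
AuthenticationMethods publickey,password
Subsystem sftp internal-sftp
"""

KEY_ONLY = """\
# constructed: password removed completely
PasswordAuthentication no
KbdInteractiveAuthentication no
Subsystem sftp internal-sftp
"""


def parse_global(text):
    """Map lower-cased keyword -> list of values for the global section."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()          # sshd keywords are case-insensitive
        if key == "match":              # per-user overrides are not modelled
            break
        opts.setdefault(key, []).append(parts[1].strip() if len(parts) > 1 else "")
    return opts


def first(opts, key, default):
    """sshd keeps the first value it reads for a keyword."""
    return opts.get(key, [default])[0].lower()


def audit(text, forward):
    """forward = (external_port, internal_port) as configured on the router."""
    opts = parse_global(text)
    external, internal = forward
    findings = []

    ports = [int(p) for p in opts.get("port", ["22"])]   # Port may repeat
    if external < 1024:                 # well-known range, swept constantly
        findings.append("well-known-external-port")
    if internal not in ports:           # forward points at a closed port
        findings.append("forward-misses-sshd")

    pubkey_on = first(opts, "pubkeyauthentication", "yes") == "yes"
    # keyboard-interactive can also carry a password, so count it too
    secret_on = (first(opts, "passwordauthentication", "yes") == "yes"
                 or first(opts, "kbdinteractiveauthentication", "yes") == "yes")
    methods = first(opts, "authenticationmethods", "any")

    if methods == "any":
        if secret_on:
            findings.append("password-alone-sufficient")
        elif pubkey_on:
            # the passwordless setup: whoever holds the client key gets in
            findings.append("key-only-login")
    else:
        # each space-separated chain is one acceptable way to log in
        for chain in methods.split():
            names = {m.split(":")[0] for m in chain.split(",")}
            if "publickey" not in names:
                findings.append("key-not-mandatory")
            elif names == {"publickey"}:
                findings.append("key-only-login")

    if not any(v.split()[:1] == ["sftp"] for v in opts.get("subsystem", [])):
        findings.append("no-sftp-subsystem")
    return findings


if __name__ == "__main__":
    print(audit(WEAK, (22, 22)))
    print(audit(HARDENED, (30022, 22)))
    print(audit(KEY_ONLY, (30022, 22)))
```

The high external port only cuts down automated scan noise; the authentication findings are the ones that decide whether a guessed or sniffed password is enough to get in.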

jimtron
6th July 2009, 03:34 PM
1) You want a low power use storage device network accessible from both internal and external sources to your network.
2) You want to use the FTP protocol (since you're on a Mac, I assume Cyberduck, or Finder etc. in a GUI form) to access files there.
3) You do not need fancy and neat functions to go along with your NAS device, just FTP.
4) You run Macs and don't want your home computer to be on 24/7 (hence this device.)

About right?

Exactly.

As a side note, there are online services like MobileMe etc. that cut down on whether you need this hardware at all. I am going to assume that you prefer your data to be on your own hardware and not out in the cloud, or you would have checked out online storage services. Just wanted to mention them. They don't take any changes to your network.

I don't think MobileMe would work without having my Mac on--I want to have access to at least a TB of storage, so any online storage that MM allows wouldn't be enough.

Does that help?

I read your advice--thanks, that does help. I'm pretty good at following directions and getting things working, my main question was whether I could use a NAS without a computer. If anyone has any recommendations of good NAS hardware, please weigh in.

Ducky
6th July 2009, 03:48 PM
Exactly.



I don't think MobileMe would work without having my Mac on--I want to have access to at least a TB of storage, so any online storage that MM allows wouldn't be enough.



I read your advice--thanks, that does help. I'm pretty good at following directions and getting things working, my main question was whether I could use a NAS without a computer. If anyone has any recommendations of good NAS hardware, please weigh in.

PC World seems to think these (http://www.pcworld.com/article/125072/top_10_networkattached_storage_devices.html) are good choices.

Building your own would be easy enough, but would require you to have an old computer laying around available for use. If you wanted to, you could head to Microcenter's website and purchase one of their cheap (http://microcenter.com/search/search_results.phtml?web_group=pc_desktop_refurb&product_type=refurb&utm_source=mcol&utm_medium=topnav&utm_campaign=nav_refurb_desktop) deals (http://microcenter.com/search/search_results.phtml?web_group=pc_desktops&utm_source=mcol&utm_medium=sidenav&utm_campaign=nav_pc_desktops) on older hardware. This won't get you better power usage, but it is more configurable. If you were to use this approach, here are some tutorials on building your own NAS device (included are FreeNAS, OpenFiler and NexentaStor.)

FreeNAS How-To's (http://www.freenas.org/index.php?option=com_openwiki&Itemid=30)

OpenFiler graphical install. (http://www.openfiler.com/learn/how-to/graphical-installation)

OpenFiler text-based install. (http://www.openfiler.com/learn/how-to/text-based-installation)

Tutorials and Demos for NexentaStor (http://www.nexenta.com/corp/index.php?option=com_content&task=view&id=53&Itemid=79)

I'd suggest buying an appliance. You don't seem to fit the need for building your own, unless you want to learn a bit while you set this up.


However, if you grow past a TB, you may want to consider building your own with several arrayed 1.5TB drives to get you as much storage as you need. We can help if this is what you choose to do.

Christian Klippel
6th July 2009, 03:57 PM
Building your own NAS also has the advantage that you can use it for more than "simply" a NAS. Personally, I like these small Intel Atom boards. That would enable you to use it as a media-center as well for playing music and videos, for example. I'm using such a thing myself, and when the drives are spun down for sleep, it takes about 12 Watts or so.

Greetings,

Chris

Ducky
6th July 2009, 04:04 PM
Building your own NAS also has the advantage that you can use it for more than "simply" a NAS. Personally, I like these small Intel Atom boards. That would enable you to use it as a media-center as well for playing music and videos, for example. I'm using such a thing myself, and when the drives are spun down for sleep, it takes about 12 Watts or so.

Greetings,

Chris

Danke, Herr.

Ducky
6th July 2009, 06:26 PM
As a side note, for you Linux (Ubuntu, in this case) users out there, here's a how-to to create a NAS solution for your local machines, and you could then use an SSH connection to access from outside (or any other service you want to run on your Linux box...)

http://www.howtoforge.com/using-iscsi-on-ubuntu-9.04-initiator-and-target

Specifically it does this:

This guide explains how you can set up an iSCSI target and an iSCSI initiator (client), both running Ubuntu 9.04. The iSCSI protocol is a storage area network (SAN) protocol which allows iSCSI initiators to use storage devices on the (remote) iSCSI target using normal ethernet cabling. To the iSCSI initiator, the remote storage looks like a normal, locally-attached hard drive.

GreNME
6th July 2009, 07:23 PM
Hey, in that list given by Ducky, the (HP) MediaSmart, the (Netgear) ReadyNAS, and the (Buffalo) Linkstation appliances have gotten good words from those I've talked to. Of those three, the Linkstation ones have gotten the worst scoring because they promise a lot, and while they deliver a lot of good stuff they don't manage to deliver everything. All of them are reliable, pretty easy-to-use devices for the home user, though. Also, for the Windows users out there, they all come with a consumer-level backup software-- not exactly on the level of the professional software, but plenty enough for backing up your documents. Granted, Windows and OS X (and, technically, Linux) come with backup systems of their own, but the ones that come with the appliances are pretty click-thru and simple.

Ducky
6th July 2009, 07:25 PM
Hey, in that list given by Ducky, the (HP) MediaSmart, the (Netgear) ReadyNAS, and the (Buffalo) Linkstation appliances have gotten good words from those I've talked to. Of those three, the Linkstation ones have gotten the worst scoring because they promise a lot, and while they deliver a lot of good stuff they don't manage to deliver everything. All of them are reliable, pretty easy-to-use devices for the home user, though. Also, for the Windows users out there, they all come with a consumer-level backup software-- not exactly on the level of the professional software, but plenty enough for backing up your documents. Granted, Windows and OS X (and, technically, Linux) come with backup systems of their own, but the ones that come with the appliances are pretty click-thru and simple.

That's good to know about the devices. I build my own rigs, so I know almost nothing about what is a good one and what isn't.

GreNME
6th July 2009, 08:43 PM
Another good thing (for you) is that several of the newer appliances can act as iSCSI targets, have limited print server abilities, and some can even have USB drives plugged into them. One or two out there can even be daisy-chained (though, with storage, I don't recommend it unless you know what you're doing).

Ducky
6th July 2009, 08:46 PM
Another good thing (for you) is that several of the newer appliances can act as iSCSI targets, have limited print server abilities, and some can even have USB drives plugged into them. One or two out there can even be daisy-chained (though, with storage, I don't recommend it unless you know what you're doing).

For me, or for the OP?

I generally stay away from daisy chaining physical appliances and use one machine with an array of drives in a zpool.

GreNME
6th July 2009, 11:03 PM
For you, and I meant the iSCSI part. The daisy-chaining is only good for someone who adds extra appliances, and if they know better than to span disks that way.

Ducky
6th July 2009, 11:34 PM
For you, and I meant the iSCSI part. The daisy-chaining is only good for someone who adds extra appliances, and if they know better than to span disks that way.

That is an interesting aspect. I may incorporate that into some future design of the home network....which never stops evolving...

funk de fino
7th July 2009, 08:03 AM
I am using a Buffalo Linkstation Live 1TB drive for this and it's pretty good so far. Took a wee while to get the setup right in my router for the webaccess but it works like a dream now. It also syncs with iTunes and allows me to use a wireless music server system in the house with multiple zones as well as being a print server and also having the USB option as well. It has an autostart option (for attached PCs) but this does not work with webaccess AFAIK so you have to leave it on if you are travelling. Not sure the speeds are up to what they claim though.

There seem to be issues with the amount of passwords you can have for webaccess on one machine though. My works VPN and webmail webaccess passwords have to be entered as my webaccess password for the Linkstation for some reason. Can't quite figure it out in that regard.

jimtron
30th July 2009, 10:41 AM
Anyone have any thoughts on LogMeIn (http://www.logmein.com)? I tried their free version, and it was extremely simple to set up for remote access. The fact that it was so easy scares me a bit though; I wonder how secure it is.