Thursday, April 30, 2009

Enable FTP Services on LaCie 500GB NAS!

Today i set up FTP services on my NAS.It took me some time to make it reachable from the internet as i am behind a router.I will write down what i have done , hopefully it helps to avoid spending hours on googling the net.


- First you need to login to the control panel with your admin account.(see manual for login).

- To get to the web-panel type your LAN IP address or networkspace in your browser's addressbar.When prompted log in with your admin password.Click on Support and enable the FTP Service.Now visit the Configuration tab and click the ellipse next to User.Here you can set user and pw for an FTP user account with only access to the openshare.Apply it!

- As next step you need to establish an FTP connection to the NAS to make sure it works.You can do this with your administrative account or the openshare account.Type the following in your browser's addressbar :

ftp://username@ipaddress of your NAS

- You will be prompted for a password.Enter it.When everything went well you will be able to access the displayed shares (depending on the user you are logged in with).I had some problems here, because i changed the openshare username and the password, this was accepted and the account was set up on the NAS.(i checked it by mounting the NAS - properties - security.Here i added the new renamed openshare user and have done a check names.The openshare's new user was there.But you cannot change/add it because you'll get a deny.Anyway this was good to know!).The login through ftp connection was however not accepted and rejected with a 530 incorrect login error message.I restarted the NAS and gave it some more tries.It worked then.

- So when you got it working inside your LAN you need to make it accessible from outside.This needs to be done on your router.You need to make a portforward on the ftp port 21.Usualy you will find a tab on your router's web-access called : Virtual Servers.Click it and specify the LAN Ip of your NAS as private Ip address.Set inbound port range to 21 and the private port range if displayed as well to 21.Choose TCP as connection type and click enable.Don't forget to apply/save your settings.

- Navigate now to the DMZ tab (it depends on the router if it is visible directly, otherwise you may want to take a look under Firewall).Enabling DMZ for a specified IP address is a security risk at least for the given device because the device with the IP address you entered will be placed outside the NAT.This makes it accessible from the internet.As i know secure ftp is sadly not supported with this NAS.

- Try to access the NAS now through the internet using the WAN IP of your router :

ftp://username@WAN_IP_of_your_router

You should be able to login and access your NAS at home using FTP.That is the way it worked for me.

Note:Because of security reasons i make the ftp just temporary remotely available.Normally i leave the DMZ disabled.I enable it just for a short while when i am in need for FTP operations.You can ofcourse forward port 21 to a secure device inside your network and access the NAS from inside your network.


I made the following experiences with the connection :

- inside LAN connecting with the NAS's intern IP works fine.(Tested with ftp://Ip_Address [Web Interface], FTP-File Manager, Commandline FTP)

- Enabling FTP portforward and connecting with external IP address did work partially.My FTP File-Manager could connect, folders were displayed but folder access operations were not permitted.However, accessing the NAS through commandline FTP was possible and folder access (depending on your user-rights) was granted as well as get/put operations.

- Enabling DMZ on NAS IP and connecting with external IP works as described in the manual.I was able to reach, access and down/upload files on all mentioned connection versions.If you have security doubts i suggest to temporary put the internal IP address of the NAS in the blocked zone of the firewall on all other devices residing inside your network and regularly password changes.


As a con on this storage i want to mention the security aspect.Secure FTP is not supported and restricted credentials and useraccount creation/modification.

For a home environment and as a storage for private purpose it has a nice design and should do it's job.I cannot say more at this moment as i operate this LaCie NAS just since some days.


Coming now : long weekend and nice weather : ))

Nice weekend to all my visitors
Bookmark and Share


8 comments:

Anonymous said...

Hello, Sam :)
Everything OK?

Have you created yourself this ”Stay Calm It's Just A PC!” gif ??
Could you do me a favor? :D Can I ”borrow” it? Please!
Thank you

Have an interesting day

WebBanshee said...

Hi andibob.I found this gif on deviant art and added a headline to it.It's realy a cool one : ) (i gave it a credit in the bottom section of my blog).I remember to downloaded it as free, but i feel like the creator should be credited.So i would suggest you do the same on your Blog when you use it.I have done a search on DeviantArt.com for the creator, but did not find the gif there anymore.But take a look at the bottom section of this Blog, there is the name of the creator.Credit him please for his good work!

Regards and thanx for dropping by.

Anonymous said...

Thanks, Sam! I own you :)
Have a nice day

Mika said...

Thanks Sam, this article was indeed very helpful. Just creating Virtual Server to A-Link router and no need to use even DZM. I have also software firewall protecting.

WebBanshee said...

Cool :) It's good when you do not need to make use of the DMZ option.Portforward is enough normally.In my case the web FTP panel did not appear without DMZ.But that is not that important.

Thanx for the feedback : )

Anonymous said...

I find if you use FileZilla and change the transfer settings from default to Active you will be able to see all directories and there contents.

Kev

WebBanshee said...

Hi Kev ,

Thanx for the tip : ).I tested it with Fire FTP.Using FileZilla sounds better indeed.I will check this out.

Bests

Sam

WebBanshee said...

Thx : ) Sometimes just the time for posts is missing.

Post a Comment