Good afternoon everyone. I am new to setting up an NAS. Our goal at my office is to have our NAS setup in such a way that through the VPN we can connect outside the office the files on the drive at the office, specifically a particular file and folder on one of our computers that needs to be mapped as a T: drive on the client Windows 10 PC so that Access can connect to it as it would at work. It has customer’s financial information in the file, so VPN is needed. I’ve spent 4 days with ChatGPT and have gotten nowhere.
-
the port 1194 seems to be blocked and we can’t find out where. Checked firewalls, router, etc. Per ChatGPT’s suggestion we set up our DNS with DuckDNS since we have a dynamic through our ISP.
-
Can’t even seem to get everything set up properly with the VPN. ChatGPT kept having me repeat the same steps over and over.
Any ideas?
Not to be mean. - Stop depending on ChatGPT for solutions? Read the official guide.
Guide To Set Up & Configure OpenVPN Client/Server VPN | OpenVPN This is your customer’s financial information - your dealing with.
just a fair warning - the documentation mentions “This HOWTO assumes that readers possess a prior understanding of basic networking concepts such as IP addresses, DNS names, netmasks, subnets, IP routing, routers, network interfaces, LANs, gateways, and firewall rules.”
1 Like
Hope you’re using a proper homemade router like Pfsense CE or Opnsense. They make setting up openvpn a breeze, can spit out config files when you’re done. You don’t want the NAS handling this duty. You want it serving files.
1 Like
I have a solid basic knowledge of computers and networking. I personally have setup our office’s LAN and VOIP phones. We’re using a Nighthawk RAX45 router. I repurposed an old PC as our NAS running TrueNAS-13.0-U6.7. It only has one striped drive as a test until I get everything running, then I plan to replace it with two 4TB SSDs. I plan on having a shared folder for main files and individual folders for each computer in our office. This will be our main server for storage. As stated I would like to be able to have the boss’ home computer be able to connect to a folder mapped as a drive that will allow her to open her Access database from home, per her request. VPN seems like the only secure way to go. Our router does have an option for it’s own OpenVPN, but I figured the NAS was better for that. The router is not very robust. We have an SSD attached to the USB port currently as a temporary share, but it crashes the entire network whenever we access it. I don’t think the chipset can handle the strain. So I am trying to build an NAS for this reason. The router has a rule for port 1194 to stay open, but due to recent hacking, we had to have the ‘block all new connections’ enabled. The NAS is allowed to connect. Our ISP doesn’t block that port, so that isn’t the issue. I’m at a loss. It’s only me in the office as “IT”, so I only have ChatGPT to turn to for the programming of it. And before you ask, buying new equipment is not an option, nor paying for additional services. I need to be able to work with what I have unfortunately. Is this a lost cause?
Thanks for your replies.
does it have to be OPENVPN? - I heard WireGuard easier - but I never tried it myself?
No. It was recommended by ChatGPT as the plugin for the NAS. I don’t mind what we use, as long as it works.
Since you cobbled your “company fileserver” (emphasis, mine) together from an old pc, can you dig up another one and throw another nic in it so you can build an opnsense firewall?
1 Like
We had one without memory chips, the other with a fried motherboard, different makes, and no drives in either. The other are in use. So unfortunately, we can’t set up one for a firewall. I’ve been given a near impossible task.
I’ve heard WireGuard is good too. I can see about setting that up instead maybe next week. I won’t have time now this week.
Yeah you’re working with nothing. I’d tell them to open the check book, it’s not expensive to come up with a little 2 port router. There are dozens of little mini pc’s that will take a low profile 2 port nic. Chatgpt can’t tell you to tell your boss to spend money.
Perhaps not, but seeing as how the boss won’t spend a literal dime, I had no other choice. It is what it is. I’ll try to see if I can work with the existing router, but it is very under-powered.
Thanks guys for everything. I tried WireGuard and failed. So I will just use Dropbox for the mapped share. NAS is going in the trash. But I appreciate your assistance. And yes, ChatGPT sucks.
Sorry to hear. But you have to reinforce the concept that features and services cost money. If the owner wanted a solution it comes with a price tag. I’ve worked alongside folks on both sides. The miracle worker who keeps a rickety little business together with wits and skill but no budget. And the boss who is so cheap you can’t move.
I did this for a financial firm before, just a handful of traders, and made them shell out for a Cisco asa licensed for vpn, then used vnc for them to land on. Cheap solution and as they got accustomed to the possibilities and the flexibility they weren’t afraid to spend a little here and there. Built them a new server and a domain controller. Then a ups, then a tape backup.
Still sucks for you, I know how fun projects at small businesses like this can be as a change of pace. Been there.
Spot on. Frustrating and fun (as you said, “a change of pace”). Yeah, seems to be a trend with small companies. They stay small because they think small.
So I ended up dumping TrueNAS in favor of Rockstor and using Tailscale. It seems to be working so far. VPN tested on a sample file and works. Setup was very easy and clean. Works for us… now I have to convince the owner WHY we need SEVERAL drives for our files and getting the company to buy them. Wish me luck! lol
1 Like
