Clear-written version of issues described in Upgraded to Cloud OS 5: no web access, no iSCSI access, just a nightmare!
I still have not received a single answer from WD officials on my previous ticket. I’ve opened #210205-002609 in the hope that someone will actually help me out here.
This is a box that has been operating just fine with Cloud OS 3. Details follow:
Link aggregation is set off. Both IPv4 LAN1 and LAN2 network mode are set to manual. LAN1 is set to a 192.168.1.X (DMZ) address and LAN2 is set to a 192.168.0.X (LAN) address. Default gateway is LAN1. Access to the internet from LAN1 is unrestricted, whereas access from LAN2 to the internet is only possible via an http/https proxy operating in WPAD mode.
The box hosted NFS shares on LAN1 and provided an iSCSI volume on LAN2. That is, the iSCSI portal was visible on LAN2.
After the upgrade to OS 5, I’m having the following issues, presented in the order of most critical to least critical:
after each reboot the device does not bring LAN2 up with the configuration present in web admin. LAN2 settings are there, but the device does not read me. If I enter web admin, LAN2 settings are correctly populated, but running ifconfig egiga1 from within the box shows that it indeed has no ip settings. If one re-enters the data in web admin, then the network card becomes active again, but this persists only until the next reboot. This is a critical issue, requiring an immediate fix. Please try to reproduce it. If needed, I can provide my configuration file for my NAS (OS 5).
The iSCSI volume is no longer visible on LAN2. Even after following the workaround in (1) above and disabling-reenabling iSCSI on EX4100 it still shows that the portal address as listening only on the LAN1 interface and not on LAN2. This is hugely critical, since I can not access 1.5Tb of data on the iSCSI volume of the device from my LAN.
Trying to access the web panel on LAN1 (192.168.1) from my pc LAN address (192.168.0) fails, even though both addresses are RFC1918. Seems like filtering is taking place on EX4100.
Accessing the web panel on LAN1 is made by an DNS alias (remotewd.com). In doing this, WD gets information about my network topology (DMZ address/subnet). This is outrageous, especially considering that (a) our environment is striving for GDPR compliance, (b) I’ve opted out of all call-home communication with WD!!! . I can not stress hard enough how dangerous is for WD to gather that sort of information. If you are going to provide this “facility” have the user opt-in for it, instead off opting-out or, even worse, not offering any workaround like self-signed certificates!