When my computer and my NAS are on the same network (locally, at home), I can access my NAS via FTP (using FileZilla Client). See below screenshot. As you can see, I just need to put in the Host field the IP address 192.168.1.22 and then connect. This works.
Question: Could you please explain me how to access my NAS remotely (still with FTP) when I am not on the same network than my NAS (for instance, when I am at work) ?
Basiaclly, I would need to know what needs to be put in the below fields to be able to acces remotely
Host: ? ◄ I think this is what I miss. What IP or Host name should I grant?
I am going to give abbreviated steps. You will have many details to work out.
You need to know the WAN IP address of your router. (it will not be a 192.168.xx.xx number)
Note that for most, your ISP is supplying this address to your router, and it can change. You may need to use a server that will do a DNS lookup for your. (so instead of typing 22.34.14.44:100 to access port 100on your router, you type “www.me.com:100” to access port 100). I have an asus router. . . and they offer this service for free. (so. . .I type something like “MyHandle.asuscomm.com:100” to get port 100)
You need to setup port forwarding on your router, so that it knows that anything coming to a specific port (say, “100”) needs to be directed to a specific port on your NAS.
Example: Let’s say your NAS expects FTP traffic on port 22, and it sit on 192.168.0.10.
Let’s say you have your router on “MyHandle.asuscom.com”
In the router, you configure port 100 to 192.168.0.10:22.
That way, when away from home, you type “myhandle.asus.com:100”. Your router will send all the data to port 22 on 192.168.0.10
Make sure that your NAS is set up to expect FTP traffic on the chosen port. The port number is configurable (Default = 22?)
A reminder on just how freakin’ insecure this type of connection is. Also, the cyber protections for WD NAS’s is dubious at best. Frankly, after learning how to do it. . .I simply block ALL WAN access to the NAS at the router.
If you insist on doing this. . . use a VPN to your home network. THat way, you will be technically on the same network as your NAS. . .so that actually simplifies a few steps. Note that the software I use assigns a different subnet to any VPN connection. . . there is a setting in the EX2 Ultra which will allow connections from other subnets within your network. (in other words, my NAS might be on 192.168.0.100. . .my PC at home will be 192.168.0.110, but my remotely connected lap top will get an IP of 10.24.0.110)
Make sure your NAS has ports for external access mapped in the router.
I will asap dig into @NAS_user tutorial and try to make it work by myself (at least to understand how it works).
Question: Based on your words, a FTP connection is unsecure.
But if i grant FTP access to only one specific folder on my NAS that contains only public data, will my other folders (FTP access not granted) that contain private data be at risk ?
First of all, when you create a MyCloud USER and SHARE, you should remove the PUBLIC Access to the SHARE.
FTP Access requires the following considertions:
Your INTERNAL ROUTER must have the PORT that the WDMyCloud Server will use for FTP such as PORT 21 - OPEN through the router to your specific WDMyCloud. This is done on your router in Port Forwarding. DO NOT just widely OPEN PORT 21 through your router. That is like leaving your front door open and wondering why someone drank the milk from your refrigerator.
The ‘Share Access’ of a specific SHARE must have ‘FTP Access’ turned ON. Make sure it says ‘Anonymous None’ Make sure you click ‘Apply’ after flipping the ‘FTP Access’ ON
The IP Address that you will configure for you FTP Client will be your current WAN’s IP as the IP leased from your Internet Service Provider. You can find this in a web browser by entering the address: whatismyip.com. Please note that this IP Address may change from time to time based on the time that your ISP leases the IP Address to you. I have found that if you have any program or web server running on an internet facing computer on your LAN, that your ISP will re-lease you the same IP Address continuously. Otherwise, if your ISP leases an IP Address to you and it expires in 72 hours, you will get an entirely new IP Address. In which case you will always have to check your current IP Address (whatismyip.com) and inform your remote user.
I have read some posts where users have said when you allow FTP access you open up all your shares. That is not true. Remember do not let any of your SHARES to be set as ‘PUBLIC’. It goes by the following:
The SHARE must have ‘FTP Access’ turned on
The USER must be granted READ or READ/WRITE access to the share
When a user logs onto the FTP server, he will ONLY see the SHARES that he has ACCESS
to and are FTP Access enabled.
The remote user always logs into the root folder of WD My Cloud EX2 NAS. This is a big problem for my use case. Is there any way that it can either a) Log into the share meant for the ftp user OR b) give read, write permissions to the ftp user at the root level.
Ideally ftp user must log into the share meant for that ftp user.
To remotely access your NAS via FTP, first enable FTP on the NAS through its settings. Then, configure port forwarding on your router for the FTP port (usually 21) and use your public IP address with an FTP client.