Internet Access Needs of OS5

Since the OS/5 release; I have become confused regarding how this device communicates to the internet (WD servers or otherwise).

QUESTION 1) If I turn off the cloud services; what communication still occurs between an OS5 NAS and the outside world?

My expectation is “none”.
However; I suspect some internet communication is still required for “authentication”?

FOLLOWUP: if we require internet communication for “authentication”, is there anyway to disable that function? (Concern: this off-site authentication is almost by definition a “Man in the Middle”; and something to be avoided from a Cyber perspective)(I consider offsite authentication a show-stopper weakness of the architecture)

FOLLOWUP: Is there any other internet access required for proper functioning of the NAS within a local network

QUESTION 2) If I BLOCK WAN access to the NAS at the router/firewall level; do I lose any functionality on the NAS?

My expectation is “no”. My suspicion is “yes”.

(Note: I don’t really want to do this; as it appears that my router will also block access to contact to other subnets within the Router. This is “bad” for me; as VPN access logon is via a dedicated subnet; which is separate from the LAN devices)

NOTE: I do not want a rehash of “direct”, “Local”/“Port forwarding” and “relay connection” definition. For purposes of this discussion. . . the NAS is configured correctly and shows proper connections without “relays”.

1 Like

I am interested in WD response on this as well…

Great question

I am still confused.

I played around with the system tonight.

  • When cloud services are “off” I can still access the unit with VPN from outside the home.

  • If I block the NAS from the internet at the router; I lose VPN access (because VPN comes in on different subnet?); but I can still access the web interface and see files using file explorer. I even wiped the credentials from the Windows machine using Credential manager: After entering password. . .I did have file access.

So is there any sort of web authentication or not? (I hope not). . .the original question still stands in my mind.

Well, I’d say that SMB and NFS auth is local (by design), but webinterface aka dashboard uses some sort of external auth with WD.

I can access the dashboard with the unit blocked at the router.

But, for the long term with the unit blocked, I do not know if there is a certificate somewhere that will expire and then block access.

Two day pass… no answer from WD stuff. I suppose this is due to the fact that we will not like their answer.

1 Like

Has anyone got answer on this one yet?

1 Like

They’ve answered it with a full technical post in another thread, but haven’t told us why they won’t let us turn it off, or when they’ll let us turn it off.

Hint to WD staff, we’re never going to stop asking to turn this off.

You can refer to this thread for additional info - Disable HTTPS redirect

1 Like

I found a way to get around it with uBlock Origin for now at least! I posted it over here in the Disable HTTPS redirect thread, but here’s a copy pasta of it for your benefit :slight_smile:

I too found a way to block this using uBlock Origin, huzzah!

You must have advanced mode turned on in the extension settings and then when you navigate to YourIP for your NAS you configure the settings like this:

Once this is set, using direct links like MyIP/apps/transmission/web/transmission.html works without having to go through the admin panel and navigating to the app configure first too! Great success!