Hey guys
I want to lock down my NAS from the Internet completely. This is for security reasons. I only want it to be accessible from within my home network.
How do I do this?
So far I’ve logged onto the Dashboard and disabled remote access - but, I can still access it via the MyCloud app on my phone (when my phone isn’t connected to my home network via WiFi).
Do I need to disable something on my router? How do I do this? (I’ve got a Netgear Nighthawk).
I’ve updated to the latest firmware also.
Hi
I haven’t experimented a lot with this and I’ve never exposed my NAS to the Internet other than for a minute or so, testing the cloud access. So, if you login in on your NAS, go to ‘Settings’ and click on ‘General’ and scroll down to ‘Cloud Access’; what’s your current status? On my PR4100 it’s [Cloud Service = Off] and [Connection Status = Disabled]. I cannot reach my NAS through the iPhone App if I’m not connected to my WiFi at home. The app says something like: Something went wrong, We’re having trouble connecting to your device.
If you still can see the content of you NAS, while not connected to your WiFi, is it possible that you have some port forwarding configuration active on your router? Maybe that was exactly what you were asking… I don’t know how the settings for your router looks like but a quick Google search gave me this:
That would probably get you to the right area in the router for configuring port forwarding.
Good luck!
Thanks for the helpful reply.
It turns out Cloud Access turned itself back on, or maybe I just didn’t switch it off properly in the first place. Either way, I’m cool now that I can’t access via the iOS app when not connected to my network. When connected to my network, it’s fine. So that’s good.
However, I think that’s only half the puzzle solved… unless switching this Cloud Access setting to “off” also does all the necessary blocking of incoming traffic to the NAS.
You’re right, that I need to do something with the router. So far I’ve blocked “ALL” services with on the IP address of my NAS. Now, the fact that this had no effect when Cloud Access was ON makes me a bit nervous… because even with Cloud Access ON, I should have been getting that “can’t connect” error because I’ve blocked the services… except, I got in fine…
So I’m obviously missing something. When I go into Portal Forwarding/Port Triggering, nothing is configured… maybe I need to configure something here?
What disappoints me is that the WD manuals do not cover many of the questions that arise and this community often doesn’t provide a conclusive answer. I’d like to lock down my PR4100 so that there is no access from out side my home LAN, even if there is a firmware update, but there doesn’t seem to be any clear instruction how this should be done. It is not good.
because protection is router specific
My method: Two routers.
The one that the NAS units are on do not have internet access.
When I need the NAS files; I swap the network the PC’s are sitting on.
A more conventional method:
Most routers will block an ip or MAC address from internet access. This is done from the router configuration pages. That stops all “off network” traffic to/from the machine.
Simply turning off “cloud access” from the NAS is inadequate. WD does not recognize that you want these things OFF the internet; all turning off cloud access does is disable the MyCloud App. There are still a dozen+ things that cause it to dial home; and a bunch of open ports that will allow for backdoor access.
There are conclusive answers, but you must search for them, because the people who know the most about these devices often don’t have the time nor the patience to explain it to everyone who asks.
Blocking external threats is trivial, but you should also be concerned about internal threats, because these devices have a nasty habit of phoning home, and blocking them isn’t easy unless you know exactly how to do it.
Eventually, I may create an app for that, but I have much more important things to worry about than developing apps and releasing them for free to users who often can’t be bothered to click a like button, let alone say thank you.
| Forums | News and Announcements | Register | Help | Forum Guidelines |
Copyright © 2021 Western Digital Technologies, Inc. All rights
reserved.
|
Trademarks
|
Privacy
|
Community Terms of Service
|
Site Terms of Use
|
Copyright
|
Contact WD
|