I’m worried about switching on NFS for all IP addressed since I have a shared LAN. I would like to specify exactly which computers can access each shared folder on the NAS drive.
However in the Share Access / NFS Access set-up screen, only 1 IP can be set up apparently:
If I try to put a comma, colon, etc:
Is this a bug? Any help?
I’m open to try other possibilities rather than NFS, as long as I can mount my shares both on Linux and Mac.
Thanks
Edit: I tried to SSH and edit /etc/exports manually, but the configuration was lost after reboot =(
Access to files works a bit differently than you are thinking.
You NAS will have ONE IP address. All computers on your network can see the drive. However, access to individual shares is username/password controlled. You can specify which users have access to which shares. on an individual basis. Each access can be given either read or write access. Each user will have a unique password.
I believe the same architecture is in place if you expose the device to external networks.
Hi,
thanks for the answer. I think I was not very clear though.
I can access the NAS through network using the user names and passwords defined in the dashboard. That is not the problem.
What I’m having problems finding a good way to do is this: have the NAS “shares” as mapped drives in some of the computers in the LAN. I did manage to do this by switching on NFS and mapping the share with the network path provided. All good.
However, in the NFS setting for each share, you either specify ONE and ONLY ONE IP address rgar cab mount that share, or * (meaning all). If I set this to * (all), any computer in the LAN will be able to map and access that share - without user name and password. I don’t think that is a secure enough way to do it. On the other hand, if I do specify one IP there, only 1 computer will be able to mount that share, and that is not what I want…
I’m actually able to access my NFS shares WITHOUT a username and password, despite being set to only allow full access to Admin and having public and media sharing disabled, so I’m trying to restrict to just a couple hosts this way, but if I put anything other than a single address or netblock in the field I get an error.
I may resort to configuring my DHCP server to hand out from 192.168.0.129/25 (with a /24 netmask) and keep the hosts I want to have access statically configured and in 192.168.0.0/25, but that seems like a hell of a kludge solution to such a simple problem.
if you still experiencing the problem, I had a solution.
either you enter “*” (without quotes) as a servername. this will allow an access from every computer in your network.
if you want to allow only few computers, it is going to be a little bit tricky though.
Set up your nfs share the same way you did before, then enter a name (or IP) of one server in you network.
enable SSH on you WD. (sorry, but I am not covering this in here)
log in via ssh and edit the file /etc/exports
you will see a line like this (xx - the last two numbers of you server, you want to allow): "/nfs/nfs01" 192.168.xx.xx(rw,all_squash,sync,no_wdelay,insecure_locks,insecure,no_subtree_check,anonuid=501,anongid=1000)
just copy the line and in the second line replace the IP of your next server.
You can find tips for how to configure this setting (it’s just creating the line in /etc/exports) here. Unfortunately the mycloud webUI doesn’t appear to support hostname wildcards, but you can do IP subnets.
