
VPN server -> ipsec or L2TP possible

Posted: Thu Nov 17, 2016 5:11 pm
by raidsm
Is there a way to add ipsec or l2tp vpn server?

iOS 10 has removed the l2tp native client for security concerns. I don't care about security, I just don't want to open all my ports on my router to use some of my nas features outside my local lan.... ie: file explorer on port 445....

thanks for any suggestion! :dontknow

Re: VPN server -> ipsec or L2TP possible

Posted: Thu Nov 17, 2016 11:28 pm
by Jocko
Hi raidsm

Why do you not want to use a pptp server?
raidsm wrote: ie: file explorer on port 445
Indeed this is not safe and should never be done...

But you can set up samba access over an ssh tunnel (make a new LAN over an ssh connection <=> do a VPN!). There are many tutorial pages on how to do it.

Of course, you need to open the port of the ssh server.

More details here: https://www.chrisnewland.com/solved-mac-osx-samba-cifs-through-ssh-tunnel-error-the-server-localhost-is-available-on-your-computer-364

I use the same method with a proxy over an ssh tunnel to get access to all local web interfaces (fvdw-sl; transmission; mldonkey;....) from my office ;)

Re: VPN server -> ipsec or L2TP possible

Posted: Sun Dec 04, 2016 12:13 am
by raidsm
Hi Jocko,

I mainly use my nas outside my lan with my iPhone. Opening a simple vpn and then accessing all the stuff I need is 1- more secure 2- less complicated than opening all the ports....

In iOS 9 (iPhone) pptp was an option but since iOS 10 they removed it because of security concerns... I knew it but found it convenient. So I'm now unable to connect to my nas using vpn as the only options possible on iPhone are now ipsec/l2tp.

I saw in the filesystem some folder referring to openvpn? Is it there?

I also have quite a small question: does pressing the rear button restart the nas? I was thinking it could turn it off...

BTW where do I find the auto mounting of a remote share? I would like to try this on my other nas... is it fstab (I'm quite a noob so....)

Re: VPN server -> ipsec or L2TP possible

Posted: Sun Dec 04, 2016 10:10 am
by Jocko
Hi raidsm

raidsm wrote: I saw in the filesystem some folder referring to openvpn? Is it there?
Yes, it is there, and you will find on the web several howtos to configure it manually (we still have on our howto to implement it fully with a menu on the fvdw-sl web interface)
raidsm wrote: I also have quite a small question: does pressing the rear button restart the nas? I was thinking it could turn it off...
It has two behaviours (see viewtopic.php?f=11&t=1894&p=15498&hilit=power+button#p15498)
raidsm wrote: BTW where do I find the auto mounting of a remote share? I would like to try this on my other nas... is it fstab (I'm quite a noob so....)
In the backup menu, open the menu "add remote share" (which allows mounting samba or nfs shares)
Click on the link "Yes/No" of the column "at next booting" to swap the status

Re: VPN server -> ipsec or L2TP possible

Posted: Sun Dec 04, 2016 2:17 pm
by raidsm
Great thank you very much jocko!

Are you saying you are working on implementing it in the web interface? ;)

What I want to say for the network map is where is the auto mount line in terminal? I don't find it in fstab? Do you run a script at boot up instead?

Re: VPN server -> ipsec or L2TP possible

Posted: Sun Dec 04, 2016 3:39 pm
by Jocko
raidsm wrote: What I want to say for the network map is where is the auto mount line in terminal? I don't find it in fstab? Do you run a script at boot up instead?
We do not use the fstab trick; the devices are mounted according to the nas database by the boot script.
Note: the boot script resets fstab

Are you saying you are working on implementing it in the web interface?
No, it is just on my howto (maybe the next job after we release the next fvdwsl version)

Re: VPN server -> ipsec or L2TP possible

Posted: Tue Jan 03, 2017 7:51 pm
by barts
Hi,

Referring to the original question: I managed to compile and run softether on my Lacie Cloudbox (white casing). So I can run an L2TP VPN server on the Lacie, and connect with my iPhone from outside to my home network.

Please let me know if you are interested in the procedure. Perhaps it can be added to the fvdw-sl webinterface if more people are planning to use it.

Re: VPN server -> ipsec or L2TP possible

Posted: Tue Jan 03, 2017 7:56 pm
by raidsm
barts wrote: Hi,

Referring to the original question: I managed to compile and run softether on my Lacie Cloudbox (white casing). So I can run an L2TP VPN server on the Lacie, and connect with my iPhone from outside to my home network.

Please let me know if you are interested in the procedure. Perhaps it can be added to the fvdw-sl webinterface if more people are planning to use it.

Interesting! It seems quite complicated when I was looking... if you want to share I'm pretty sure some others will also find this useful!

Re: VPN server -> ipsec or L2TP possible

Posted: Sun Jan 08, 2017 7:22 pm
by barts
Ok, here are my raw, personal notes. I connected to the Lacie Cloudbox (white casing) with clunc. Feel free to improve!

FVDWSL: SoftEther install from source

FVDWSL: Entware (install)
mkdir -p /share/1000/@entware-ng/opt /opt
rm -rf /opt
mkdir /opt
wget http://pkg.entware.net/binaries/armv5/i ... install.sh
/bin/sh entware_install.sh

vi /etc/fstab
/share/1000/@entware-ng/opt /opt        none    bind    0       0


opkg update
opkg install gcc
opkg install grep
rm /usr/bin/grep
opkg install sed
rm /bin/sed
opkg install gawk
rm /usr/bin/awk
rm /usr/bin/gawk
# ln -s /opt/bin/gawk /usr/bin/awk
cp /opt/bin/gawk /usr/bin/gawk
ln -s /usr/bin/gawk /usr/bin/awk
ln -s /usr/bin/awk /usr/local/bin/awk


FVDWSL: Readline
wget ftp://ftp.gnu.org/gnu/readline/readline-6.3.tar.gz
tar xzvf readline-6.3.tar.gz
cd readline-6.3
./configure
make
opkg install patch
make install
ln -s /share/1000/@entware-ng/readline-6.3/ /usr/include/readline
cd ..

FVDWSL: PERL
opkg install perl
opkg list | grep perlbase- | sed 's/ - .*//' | xargs opkg install
opkg install perl-dev
https://github.com/Entware-ng/Entware-n ... rl-modules

FVDWSL: OpenSSL
wget --no-check-certificate https://www.openssl.org/source/openssl-1.0.2j.tar.gz
tar xzvf openssl-1.0.2j.tar.gz
cd openssl-1.0.2j
gvv_env.sh
./config --prefix=/opt/openssl-1.0.2j --openssldir=/usr/local/ssl
make
chmod a+w test
# !! as non root:
adduser -D -H nonroot
su nonroot -c "make test"
deluser nonroot
make install
ln -s /share/1000/@entware-ng/openssl-1.0.2j/include/openssl /opt/include/openssl
cd ..


FVDWSL: SoftEther
wget http://www.softether-download.com/files ... eta.tar.gz

uncomment line 26 in Makefile
CC=gcc

tar xzvf softether-src-v4.21-9613-beta.tar.gz
cd v4.21-9613/
./configure
## (OS= 1: Linux; CPU bits = 1: 32-bit)
make
make install
vpncmd
(check)
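
Added example, not part of barts' notes: the notes above fetch source tarballs over FTP, plain HTTP and with --no-check-certificate, so nothing authenticates what gets compiled into the VPN server. The helper below checks a tarball against a SHA-256 digest obtained over a trusted channel before unpacking; the function names are hypothetical and the digest is supplied by the caller.

```shell
#!/bin/sh
# Added example: verify a downloaded tarball before unpacking it.
# Usage: unpack_verified openssl-1.0.2j.tar.gz <published-sha256> [destdir]
# <published-sha256> is a placeholder: take it from the project's own
# release page on a machine that does validate TLS certificates.

# Print the lowercase hex SHA-256 of a file with whichever tool exists.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 256 "$1" | cut -d' ' -f1
    else
        openssl dgst -sha256 "$1" | sed 's/^.*= *//'
    fi
}

# verify_tarball FILE EXPECTED_HEX
# 0 = digest matches, 1 = mismatch, 2 = bad arguments or missing file.
verify_tarball() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    # Reject anything that is not exactly 64 hex characters, so an empty
    # or truncated digest can never compare equal by accident.
    case "$expected" in
        *[!0-9a-f]*) echo "bad digest format" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "bad digest length" >&2; return 2; }
    actual=$(sha256_of "$file") || return 2
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file"
        return 0
    fi
    echo "MISMATCH: $file" >&2
    echo "  expected $expected" >&2
    echo "  actual   $actual" >&2
    return 1
}

# unpack_verified FILE EXPECTED_HEX [DESTDIR]
# Extracts only after the digest check has passed.
unpack_verified() {
    verify_tarball "$1" "$2" || return $?
    tar xzf "$1" -C "${3:-.}"
}
```

The same check applies to each of the readline, OpenSSL and SoftEther tarballs before running configure and make.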