I have had a Seagate Central NAS system for several years - and use it for backing up some of the PCs on my network and also for occasional remote access to my media files when away from home - mainly using the Tappin app on mobile devices.
I have recently discovered that Seagate stopped supporting remote access, and turned off the Tappin app in early April.
I guess that a number of readers of these NGs must be affected by this, and wondered whether anyone has found a solution - other than using cloud storage. I simply want to be able to access the files stored on my NAS remotely without needing to leave any computers running when I'm away from home. Any suggestions?
Check to see if your router supports VPN (Virtual Private Network) as a feature. It needs to have the Server version of the VPN, be it OpenVPN Server or PPTP Server.
In my case I have a Asus RT-AC68P/U router attached to my Cable modem. For various reasons I have loaded version 140 of the Tomato firmware into my router. This allows me to activate either OpenVPN or PPTP versions of VPN. I personally choose the OpenVPN method as I already was using the OpenVPN on my PC's to remotely connect to a couple of charities that I help keep operating. OpenVPN does have a little harder learning curve than PPTP but for the home user either will work.
With the VPN connection I can remotely connect to any device normally accessible on my LAN, be it a PC, NAS, or even security cameras. So in your case all you would have to leave on is the router, NAS, possibly a Ethernet bridge, and what ever modem you use to connect to the internet. Should you want to access your PC's than too could be arrange.
For many routers on the market you don't need to change the firmware to Tomato or DD-WRT as they come with some version of VPN software built into them. For other models if you are lucky you can upgrade the firmware to DD-WRT, Tomato, or one of the other alternate firmware that are out there.
You need to create a free account with a hostname that you can remember (say rogerMills.com but check it is not a live domain before creating this) . Now all you need is your router to be 24/7 and your NAS drive
24/7 and you can access it anytime from any country as long as you have created a suitable password.
Just because one company stops something it doesn't mean that life must come to an end. Find different ways of doing things. That's how human beings have evolved.
Seagate were using something similar to what I am suggesting except that these are private non-profit corporations that rely on donations and some big corporations help them out with servers and all that.
There are quite a few in China but I didn't bother to list them here as they are not reliable.
Thanks. but these are solutions to a problem which I don't have! I've got a static WAN IP address - so I don't need any sort of dynamic DNS in order to address it.
Seagate provided a facility whereby you could log on at access.seagate.com and access the files on your NAS. That may well have employed some sort of dynamic DNS for those needing it - but that isn't the issue. They have taken down their server, and withdrawn support for the Tappin app on portable devices. They apologise for any inconvenience caused(!) and assure me that my data is quite safe - but can only be accessed from within my own network.
My router supports Game and Application Sharing - which permits me (for example) to associate a PPTP server with my Seagate NAS so that - in theory - anything coming in on port 1723 goes to the NAS. Problem is that all such connects are refused!
If I log on to the NAS's web interface, it offers me 'Services' of "Remote Access", "Seagate Media", "DLNA" and "iTunes". The first two of these are no longer supported and the last two only work on the same LAN as the NAS.
I've no idea what OS the NAS uses - probably some flavour of Unix/Linux
- but it's pretty thoroughly locked down with no ready access to it. I
*can* FTP to the NAS but that doesn't seem to allow me to do much.
Obviously there is a way in, but its not well advertised. It the tappin crap was supposed to work behind a firewall with no especial configuration, that strongly implies that the NAS istself sets up and maintains a permanent connection to some seagate cloud.
Bit like skype does
Now if that is the case you wont be able to use that partucular backdoor.
I would try scanning the NAS ports to see which are active.
My guess is that ssh might be open. If its bog standard linux on the NAS. Try using PUTTY to connect to it. If that works you can use sftp and its chums if you redirect port 22 to the NAS.
It is not beyond the bounds of reason either to set up port redirection for SMB services on the router so you can actually mount the NAS across the internet. TCP ports 139 and 445 and UDP ports 137 and 138 should be redirected to the NAS box.
Obviously you wont be able to 'scan' for the NAS across the internet, so you will have to know ip address and tell whatever s**te MS uses to display shares *for that server*. Or better still use NET USE to mount the device as a drive etc
It's not very secure though, but I myself have done this years ago as proof of concept.
They "only work on the same LAN as the NAS." because your router doesn't allow the ports used by them to/from the outside. So you could open up those ports on the router and get remote access, however that does have security implications.
What doesn't FTP allow you to do that you want to do? You can get 'file explorer' like GUIs that use FTP.
You haven't read the instructions on the links I provided so clearly you are limited in what you can do.
People are running websites on NAS drives without using services from Seagate or WD or Synology or whatever. Frankly, it is pretty easy to do what you want to do but hey people are fixated by technologies from seagate and WD so they are not likely to adapt to changed circumstances.
Yes, it seems like it really has gone already: C:\TEMP>ping access.seagate.com
Pinging seagateaccess.tappin.com [208.89.184.225] with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out.
Ping statistics for 208.89.184.225: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
So, as others have suggested, you need think about how to gain access across your own router.
Probably need to open up the firewall on the NAS as well as the one on the router.
So you're going to have to hack into the NAS, which means that probably you'd've done better to post to a Linux NG, but see some suggestions below anyway.
Almost certainly an embedded version of Linux.
Apparently at one time not securely locked down at all:
formatting link
Oh dear! For starters, try telnet from the relative security of your own LAN!
Yes, apparently use telnet!
Possibly, but that can be disabled now, if the OP can get into the box.
Unless he subverts it in some way.
Given that telnet may be able to gain access, I would advise starting with that.
Why would he need Samba/SMB? He makes no specific mention of Windows devices requiring remote access, only media files, so presumably a mobile or a tablet, Mac or Android, which are both Linux.
No, no! He doesn't seem to need this at all. NET USE is a (very old legacy) Windows command to mount a network share as a drive letter. These days, he wouldn't even need this to connect from a Windows machine. W9x or older used it, but since 2K+, in fact I suspect even NT3+, Windows PCs have been able to connect directly using the protocol: \\Server\Share
I suspect the way forward is to tunnel, but, although I understand the principles involved, I'm not familiar with the practicalities of this.
Back to the OP:
There are two stages involved in customising/hacking such devices:
1) Gaining access, it sounds as though telnet might work, so try that first, but failing that, see the next link below.
2) Finding a workable method of subverting the boot process to apply the desired customisations.
Others already may have done some or all of this work for you. I haven't read the following, but the equivalent Zyxel section was very helpful to me:
formatting link
Although the following apply to different devices, if you want brief descriptions of how the above two stages are attained in practice, together with some example scripts, see also:
formatting link
formatting link
Also, although it's probably a bit late for you, for future reference, the moment I buy anything like this I go online and download and save locally everything related to it that there is the remotest possibility that I could ever need - PDF Manuals, firmware upgrades, instructions for hacking into, files required to do so, etc, etc. Here are some links to things that might still prove useful to you:
I have made *some* progress with FTP. There are two shares on the NAS - a public one which accepts an anonymous ftp connection, and a private one which requires a username and password. I can point my AceFTP PRO client at either of these, and see the folders and files. That's from within my own network, of course.
I've done a port scan, and found a number of ports open:
Do any of these look promising as a means of getting remote access to my files? If so, which ones, and what client software/apps would I need to use on (a) Windows and (B) Android?
Thanks. I had come to the same conclusion - and have made *some* progress using sftp on Port 22, but still have a way to go.
As noted before, when connecting tom the NAS from within my own network, I can use bog-standard FTP on Port 21. I can access the Private share on the NAS by supplying the correct username and password, and can access the Public share by using an anonymous logon.
In order to access the NAS from outside my network (Android tablet using Android phone-generated hotspot) using sftp, I have told my router to assign port 22 to the NAS. I can then access the Private share ok, by supplying the username and password. But I'm stuck with the Public share. I haven't found any way of using sftp anonymously, so I can't get in. I've tried several Android sftp client apps - the most promising one being AndFTP - but to no avail.
I don't know *how* to do it, but I think that you need to set up smb.conf so that the public share accepts your login credentials as a synonym for anonymous/guest access. This creates no extra security risk and I think it only needs a fairly simple user alias statement. But my memory is hazy.
As you noted, FTP includes the concept of anonymous login. However, SFTP (which is part of the SSH suite) has no such thing as anonymous login. With SSH (and of course SFTP), all access starts with properly logging into a specific account.
There are workarounds, usually involving replacing a security module on the SSH server so that all logins, no matter what, are allowed, but that would be a security hole of large proportions.
I would say you should create or use a 'private' account on the NAS as if it were public, meaning just share the password for that account and put the public stuff there.
HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.