Hello
I've been messing around enabling remote access to my NAS unit, in order to access the Audio Station on my phone. When at home on the Wireless Network, I can login fine from my phone.
So I've setup the HTTPS access and forwarded the correct port, checked via "canyouseeme.org" that the port is visible, then entered my public IP address into my browser and I'm presented with my NAS login screen. YEY!
However, I'm now paranoid about baddies getting in. lol. So, I've enabled IP Block on the NAS, anymore than 3 wrong login attempts and you are blocked. I've also taken a look at the firewall, but now I'm confused!
This is what I have in at the minute:-
So basically the 8 LAN devices are things like PC's, Laptops, so I've given them access to everything on the NAS. They're fine.
The last rule is so that I can access the NAS from an external address. Without this rule in, I can't connect via my public IP.
Then finally, set the radio button so everything else is blocked if there is no rule present.
Does this look OK? My only concern is that the last rule says "source IP = ALL". Should I limit this to my external IP? If it is set to "ALL" does that mean any external PC can connect? Basically I only want my phone to connect in remotely. Nothing else.
Is there anything else I can do to improve security?
Thanks!
I've been messing around enabling remote access to my NAS unit, in order to access the Audio Station on my phone. When at home on the Wireless Network, I can login fine from my phone.
So I've setup the HTTPS access and forwarded the correct port, checked via "canyouseeme.org" that the port is visible, then entered my public IP address into my browser and I'm presented with my NAS login screen. YEY!
However, I'm now paranoid about baddies getting in. lol. So, I've enabled IP Block on the NAS, anymore than 3 wrong login attempts and you are blocked. I've also taken a look at the firewall, but now I'm confused!
This is what I have in at the minute:-
So basically the 8 LAN devices are things like PC's, Laptops, so I've given them access to everything on the NAS. They're fine.
The last rule is so that I can access the NAS from an external address. Without this rule in, I can't connect via my public IP.
Then finally, set the radio button so everything else is blocked if there is no rule present.
Does this look OK? My only concern is that the last rule says "source IP = ALL". Should I limit this to my external IP? If it is set to "ALL" does that mean any external PC can connect? Basically I only want my phone to connect in remotely. Nothing else.
Is there anything else I can do to improve security?
Thanks!
