Buffalo NAS-Central Forums

Welcome to the Linkstation Wiki community
It is currently Tue Sep 02, 2014 12:33 pm

All times are UTC [ DST ]




Post new topic Reply to topic  [ 48 posts ]  Go to page Previous  1, 2, 3, 4  Next
Author Message
PostPosted: Thu Aug 16, 2007 3:37 pm 
Offline
Site Admin
User avatar

Joined: Sun Jul 17, 2005 4:34 pm
Posts: 5330
You asked for advice? Enable HTTPS...


Top
 Profile  
 
PostPosted: Thu Aug 16, 2007 3:48 pm 
Offline
Newbie

Joined: Sat Jun 09, 2007 7:06 am
Posts: 7
I've finally got mine set up. The key factors here were:

1. Having the right DNS and Gateway addresses in > Network Setup
2. Enabling HTTPS/SSL Encryption in > Web Access > Service Setup
3a. Enabling Use BuffaloNAS.com in > Web Access > Service Setup
3b. Assign BuffaloNAS.com Name in > Web Access > Service Setup
3c. Assign BuffaloNAS.com Key in > Web Access > Service Setup
3. Auto-Configure Firewall (UPnP) in > Web Access > Service Setup
4. External Port = 9000 in > Web Access > Service Setup
5. Adding a Local User in > User Management
6. Giving that user the desired access restrictions in > Shared Folder Setup
7. Select "Use Inherited Folder permissions" in > Web Access > Folders Setup


Top
 Profile  
 
PostPosted: Thu Aug 16, 2007 5:21 pm 
Offline
Newbie

Joined: Sat Jun 09, 2007 7:06 am
Posts: 7
mlrtist wrote:
I've finally got mine set up. The key factors here were:

1. Having the right DNS and Gateway addresses in > Network Setup
2. Enabling HTTPS/SSL Encryption in > Web Access > Service Setup
3a. Enabling Use BuffaloNAS.com in > Web Access > Service Setup
3b. Assign BuffaloNAS.com Name in > Web Access > Service Setup
3c. Assign BuffaloNAS.com Key in > Web Access > Service Setup
3. Auto-Configure Firewall (UPnP) in > Web Access > Service Setup
4. External Port = 9000 in > Web Access > Service Setup
5. Adding a Local User in > User Management
6. Giving that user the desired access restrictions in > Shared Folder Setup
7. Select "Use Inherited Folder permissions" in > Web Access > Folders Setup


OK... now just to follow-up: I have easy access to the NAS from my internal network (works like a charm everytime). However, when i try to access it externally, outside my network on my neighbor's wireless router, it's not full proof. I've accessed it maybe 2 out of 10 tries. It times out trying to connect.


Top
 Profile  
 
PostPosted: Fri Aug 24, 2007 2:14 pm 
Offline
Newbie

Joined: Mon Aug 13, 2007 2:25 pm
Posts: 12
Location: Darkest Wiltshire
Still have problems accessing the LS Live over the internet with https.

Using the following settings on the LS Live;

Web access>service setup.
Web access; enabled
https/ssl; enabled
buffalonas; enabled
enter buffalonas name and key
auto configure upnp; enable
external port; set automatically

Ensure that DNS details are entered in the LS admin UI.



Settings on Netgear Router DG834GT.

Static IP assigned for LS
Upnp on
DMZ off
Upnp automatically adds services for the ports chosen by buffalonas to the LS

One can disable the Upnp and chose the external port.
Then in Services; add tcp/udp on 9000 and the chosen external port number
Firewall; add inbound new services as above

Firewall; Add inbound rule for https/443
Firewall; Default outbound rule is all services enabled. No need to change.



So now it's all good to go, but the LS Live uses separate ports for internal and external access.

Within my internal network the buffalonas page loads without problem on https://192.xxx.xxx.xxx:9000

Externally, the page attempts to load on https://xx.xxx.xx.xx:45259 but this error is returned;

"HTTP 502 Proxy Error - The specified Secure Sockets Layer (SSL) port is not allowed. ISA Server is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests. (12204) Internet Security and Acceleration Server"

Not surprisingly, the network at work will only allow SSL through port 443. I've tried setting the external port to 443 but I still don't get a connection. Needless to say, by reverting to normal http I have access without problem both internally and externally.

To me, it seems bizarre that Buffalo have gone to the trouble of making this web access, setting up the buffalonas site so that people can access data accross the internet and then add a security feature that prevents this access.


Top
 Profile  
 
PostPosted: Fri Aug 24, 2007 2:36 pm 
Offline
Newbie

Joined: Thu Aug 23, 2007 9:37 am
Posts: 62
Setting up mine was kind of a struggle as well....

Took me some time to figure out that my router does support UPnP - but my DSL Modem does not....

I had the same symphtoms: Internally on xx:9000 worked fine - but externally it did not work.

Than I DISabled the UPnP in the LinkStation and set the port fixed to 9000. Afterwards I created a port forwarding rule in the router.

But the key to success was: To switch off the NAT in the ADSL modem by setting the router as "default NAT server". From there on it works fine. (and even quicker than I would have thought...)

Rgds,
Martin

_________________
LinkStation Live LS-DH500GL, Stock Firmware 2.10, Twonky 4.4.6 additionally uShare
LinkTheater PC-P4LWAG


Top
 Profile  
 
PostPosted: Fri Aug 24, 2007 3:43 pm 
Offline
Newbie

Joined: Mon Aug 13, 2007 2:25 pm
Posts: 12
Location: Darkest Wiltshire
Thanks for the response Martin.

Did you get https to work externally?

I've also tried the disable upnp, set external port 9000, create port forward rule but still no luck on https.

The Netgear router is also the DSL modem so no conflict there.

Dave.


Top
 Profile  
 
PostPosted: Fri Aug 24, 2007 9:53 pm 
Offline
Newbie

Joined: Tue Aug 07, 2007 5:38 pm
Posts: 25
Location: Austria
I think it's best practice to use external Port 443 (standard for https).


Top
 Profile  
 
PostPosted: Mon Aug 27, 2007 7:51 am 
Offline
Newbie

Joined: Thu Aug 23, 2007 9:37 am
Posts: 62
Hi,

never tried https so far.... But I would change to 443 than, I guess...

Rgds,
Martin

_________________
LinkStation Live LS-DH500GL, Stock Firmware 2.10, Twonky 4.4.6 additionally uShare
LinkTheater PC-P4LWAG


Top
 Profile  
 
PostPosted: Mon Aug 27, 2007 9:05 am 
Offline
Moderator
User avatar

Joined: Tue May 23, 2006 9:20 pm
Posts: 366
Location: Chicago USA
qxy63 wrote:
auto configure upnp; enable
external port; set automatically


Within my internal network the buffalonas page loads without problem on https://192.xxx.xxx.xxx:9000

Externally, the page attempts to load on https://xx.xxx.xx.xx:45259 but this error is returned;



I would imagine that your issue is more unique. HTTPS certs can be established over non standard ports but you are behind a proxy server, that is where your transparency ends.

"HTTP 502 Proxy Error "

The best solution for you (I don't know what kind of security risk this would be, if any) would be to turn OFF UPnP and manually set the port to 443 to pass through your proxy.


hope that helps.

_________________
1 LS-GL: (FreeLink - 2.6.22 kernel)- backup and media server...
As of June 11, 2010:
admin@LS320:~$ uptime
20:23:40 up 417 days, 20:09, 1 user, load average: 0.20, 0.21, 0.30

That's only because I had to move that time ago. Love this box and this community, wish I had more time to dedicate to it.


Top
 Profile  
 
PostPosted: Fri Sep 21, 2007 8:22 pm 
Offline
Total Newbie

Joined: Fri Sep 21, 2007 7:59 pm
Posts: 1
Struggling with this one, but with a completely different problem.

My set up is - Netgear DG834PN adsl router. Inbound port 9000 forwarded to my LinkStation Live. Linkstation Live set up with https switched off, UPnP off, external port set at 9000. My name and password for BuffaloNAS.com are unremarkable.

When I apply these settings I get the following error message: "The device name and key must be between 3 and 20 characters, and only contain letters, numbers, underscores (_) and hyphens (-). The port number must only contain numbers, and be between 2 and 5 digits."

This is not true, my name and password are compliant with the above. I am at a dead end, as I have no clue how to set up web access using my own DNS server.

Anyone else had this problem, and fixed it?


Top
 Profile  
 
PostPosted: Fri Sep 28, 2007 3:48 am 
Offline
Newbie
User avatar

Joined: Sat Jun 17, 2006 3:31 am
Posts: 66
Location: Illinois, the 's' is sexy.
Port 443 does not need to be forwarded for https access to the Web Access feature. It is always using 9000 internally. Also, you need to make sure your router is forwarding the same inbound port number that is setup on the Web Access Service Setup page. This port is always forwarded to 9000, the only way to change the internal port is with root access to the Linkstation.

_________________
LS-GL: 1.11-1a Open Stock Firmware with Enhanced CTorrent and CTCS
Linkstation Version Information Script


Top
 Profile  
 
PostPosted: Fri Sep 28, 2007 3:49 am 
Offline
Newbie
User avatar

Joined: Sat Jun 17, 2006 3:31 am
Posts: 66
Location: Illinois, the 's' is sexy.
andybreen wrote:
Struggling with this one, but with a completely different problem.

My set up is - Netgear DG834PN adsl router. Inbound port 9000 forwarded to my LinkStation Live. Linkstation Live set up with https switched off, UPnP off, external port set at 9000. My name and password for BuffaloNAS.com are unremarkable.

When I apply these settings I get the following error message: "The device name and key must be between 3 and 20 characters, and only contain letters, numbers, underscores (_) and hyphens (-). The port number must only contain numbers, and be between 2 and 5 digits."

This is not true, my name and password are compliant with the above. I am at a dead end, as I have no clue how to set up web access using my own DNS server.

Anyone else had this problem, and fixed it?


Try enabling the service without using BuffaloNAS.com and then configure everything and make sure it works internally. For the DNS name use the IP address of the unit. Then, once everything is working, enable BuffaloNAS.com again and apply.

_________________
LS-GL: 1.11-1a Open Stock Firmware with Enhanced CTorrent and CTCS
Linkstation Version Information Script


Top
 Profile  
 
PostPosted: Wed Dec 19, 2007 10:49 am 
Offline
Newbie

Joined: Wed Dec 19, 2007 10:39 am
Posts: 31
Hi!

I'm also struggling to get the Webaccess working to my Linkstation Live. Internally it works fine but externally no luck yet.

- I use Buffalonas.com, port 9000 and tried it with and without https/ssl.
- I have a Zyxel adsl modem.
- I configured the NAT port forwarding for my Linkstation Live internal IP address (192.168.x.x) to ports 9000 and 443.
- I tried it with and without uPNP.

When I try it from the Buffalonas.com I can see it is "Waiting for xx.xxx.xxx.xxx" which is my adsl modem's IP address to outside world. It will end with a timeout.

Do I need to add some firewall rules in addition to the NAT port forwarding?


Top
 Profile  
 
PostPosted: Thu Dec 20, 2007 8:36 am 
Offline
Newbie

Joined: Wed Dec 19, 2007 10:39 am
Posts: 31
Well, should have know that the adsl modem's firewall was the reason. I opened the correct port and it started to work :)

On a side note: is there an easy fix for the folder permission oddity I seem to have now? Suddenly I can't write or delete anything from Windows from my share!?


Top
 Profile  
 
PostPosted: Thu May 29, 2008 11:13 am 
Offline
Total Newbie

Joined: Thu May 29, 2008 11:06 am
Posts: 1
This error appears to be caused by a mis-formed HTTP GET from the NAS (well it was on mine !). Pressing the 'reset' button on the back appeared to clear the issue (Im told this only resets the admin password and IP address but it also appears to clear this fault).

Below is my mail to Buffola tech support with a summary

~~~~~~~~~~~~~~~~~~~~~
In analysing the wireshark traces for both broken and working behaviour it appears the error is caused by the NAS sending an HTTP GET to the BuffaloNAS.com with ‘incomplete’ information ?. The BuffaloNAS.com is responding with the error text which is rather misleading as the error isn’t related to the username/password but rather an issue with the request sent.

Can you include this information on the Knowledgebase please ?.

Broken request (results in the error)
Request URI: /reply.php?name=142536&key=4444&port=9000&localip=192.168.1.3&ssl=

Working request
Request URI: /reply.php?name=142536&key=4444&port=9000&localip=192.168.1.3&ssl=off

The error message displayed due to the above is :-
"The device name and key must be between 3 and 20 characters, and only contain letters, numbers, underscores (_) and hyphens (-). The port number must only contain numbers, and be between 2 and 5 digits."

Would it be possible to change the BuffaloNAS.com response for this error to align better with the actual cause ?


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 48 posts ]  Go to page Previous  1, 2, 3, 4  Next

All times are UTC [ DST ]


Who is online

Users browsing this forum: No registered users and 21 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:

Protected by Anti-Spam ACP
Protected by Anti-Spam ACP Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group