Netgate Noob, Office Lab dual purpose PFsense
-
![I am a part time IT support ( self employed ) and rookie IT geek in spare time . Due to Covid my employer suggested hosting a NAS ( QNAP) at home , as our office is closed off . I already have a computer lab and Leisure network at home , various NAS/ Server computers
As a solution I had Virgin Business broadband installed with 5 Static IP addresses in modem mode , with a PF sense attached ( Chinese black box with J1900 CPU and 8 Ethernet Ports) , so that theoretically I could have my Lab/ leisure network and the Employer internet services available ( secure web , 8081, 443 ) .
However I have no idea how to set this up . To simplify things , I want to get one network working with one Public IP first . So I have just plugged in the business NAS ( disconnected lab/leisure network ) but, I Cannot access it remotely . For some reason when requesting in the DDNS address of the NAS (www.companyname.qnapcloud.com) from outside the network , I go to the PFsense landing page with various errors .
Things I have tried
I have enabled UPNP on the PF sense
I have Enabled NAT Reflection
NAT Reflection mode for port forwards =Pure NAT
Enabled Automatic creation of additional NAT redirect rules from within the internal networks.Disabled DNS Rebinding Checks
Disable HTTP_REFERER enforcement check -
What do you want to achieve, file sharing for your employees or just for yourself?
if I am right, you configured DDNS on Qnap behind the pfSense NAT?I would choose these:
-establish OpenVPN connections for employees or just for you and access the NAS through it
https://www.qnap.com/en/how-to/tutorial/article/how-to-set-up-and-use-qvpn-2-0/-configure a QnapCloud service for employees or just for you
https://www.qnap.com/en/how-to/tutorial/article/accessing-your-qnap-device-with-myqnapcloud-service/don't do this:
I have enabled UPNP on the PF sense -
Hi
@DaddyGo said in Netgate Noob, Office Lab dual purpose PFsense:
What do you want to achieve, file sharing for your employees or just for yourself?
if I am right, you configured DDNS on Qnap behind the pfSense NAT?I want both actually , that is one of the main reasons for the PFsense , the ability to handle more than one public IP . There will be two NAS boxes , personal and business . Temporarily I have disconnected my personal NAS and just focusing on getting the business/office NAS up
@DaddyGo said in Netgate Noob, Office Lab dual purpose PFsense:
I would choose these:
-establish OpenVPN connections for employees or just for you and access the NAS through it
https://www.qnap.com/en/how-to/tutorial/article/how-to-set-up-and-use-qvpn-2-0/Hmm yes , I would do this if there was a DNS server, so that the NAS would be mappable using its name 'business-nas' . Without it , I cannot expect the office users to add drives with IP addresses , there is over 60 of them
@DaddyGo said in Netgate Noob, Office Lab dual purpose PFsense:> -configure a QnapCloud service for employees or just for you
https://www.qnap.com/en/how-to/tutorial/article/accessing-your-qnap-device-with-myqnapcloud-service/don't do this:
I have enabled UPNP on the PF senseMyqnapcloud needs a upnp enabled , or at least some ports open , this is what I am trying to achieve . I am well aware of the security issues around opening ports , however it is not working at all .
-
try this:
-
@DaddyGo said in Netgate Noob, Office Lab dual purpose PFsense:
try this:
Hi
I have selected that option , though has not made a difference
For some reason the Pfsense has added the port forward to the 8082 (external) to the QNAP internal . So I can get the qnap when adding port 8082 to the address . Though 8081 external goes to the PF sense , as does 443 . yet these are the default ports for the QNAP , why are they mapped to the PF sense?
-
is UPNP still working?
don't do that, instead use your own port forwarding, choose from a good high port range outside (F.E. 57443 to 443)basic document:
https://www.qnap.com/en/how-to/faq/article/what-is-the-port-number-used-by-the-turbo-nas/ -
-
@90Ninety
Super
I told you "
is UPNP still working?
don't do that, instead use your own port forwarding, choose from a good high port range outside (F.E. 57443 to 443)"there are still issues with UPNP, although more significant with gameplay
https://forum.netgate.com/topic/154153/test-request-upnp-fix-for-multiple-consoles-playing-the-same-game-static-port-outbound-nat