I have some https shares in my readynas, so i have forwarded 443 port to my readynas to allow external access to the shares. I have port 80 forwarded for compatibility but i don't use it. In configuration i have disabled admin access from http but i didn't find a way to disable access to the admin page from the outside. I would like to restrict access to the /admin url so nobody (or a restricted set of addresses preferable) can try to access admin page from the outside. My firewall can't filter a particular internal url, so i guess i need to do the setup in the NAS. Is there an easy way to do that? Can the admin account be renamed?
Being able to deny access to the admin web-ui on the secondary https port would be a nice feature. Perhaps post it on the idea exchange.
I realize you'd prefer to denying outside access on the primary port, but I think it would be difficult for the NAS to reliably tell that the connection came from outside. Forwarding 443 to the secondary port, and then denying admin web-ui access on that port would be easier to do.
As you say, a idea could be to use a different por for the admin virtualserver, and use the standard 80 and 443 ports for regular users.
The other question, about how to differentiate a external connection, i think in first place that it is easy to differenciate between LAN and a no-LAN connection and, for generic purposes, allow/deny sets of ip addresses or subnets in a similar way to "hosts" setup in shares. Admin interface is too vulnerable.
The other question, about how to differentiate a external connection, i think in first place that it is easy to differenciate between LAN and a no-LAN connection and, for generic purposes, allow/deny sets of ip addresses or subnets in a similar way to "hosts" setup in shares. Admin interface is too vulnerable.
I agree that it would be great if you could use the physical ethernet connection or VLAN as a filter for various services (including admin access). Netgear hasn't done that, but the idea is on the idea exchange. You might want to vote for that idea (by clicking on the large up arrow). It's here: https://community.netgear.com/t5/Idea-Exchange-for-ReadyNAS/Easy-way-to-dedicate-NICs-for-specific-p... You could add a specific comment on admin access.
