NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
VPN
10 TopicsZeroTier and the ReadyNAS
NASTools mentions in the Apps sub-forum that he is looking into an app for ZeroTier. I started a small tangent discussion and thought it better to move it to its own thread. I. too, have been looking into ZeroTier, and I think it has great potential on the ReadyNAS. For those open to SSHing in, it's an easy install in OS6.6.0. But everything has to be done via SSH and the ZeroTier CLI, so it's not for everyone (yet). If NASTools does get an app with a GUI, then all aboard. I suppose ShellInABox could also be used, since it gives SSH access -- I have never tried it. I have installed ZeroTier One (the official name of the application) on OS6.6.0 running on legacy x86 devices. With OS6.6 now being based on Debian 8 (aka jessie), it should also install on ARM devices using the standard method, according to their documentation. But I do not have an ARM device on which to try it. Anyone wishing to risk the possibility of needing to factory default if it does not work right is invited to give it a try (see instructions below) and let us know in a reply if it works. So, "What is ZeroTier?", you ask. The best desctiption I have seen is that is it a "mesh VPN". That is, it is a VPN that runs in conjunction with your normal NAT, not instead or in the middle of it. Instead of routing everything over the VPN, as is the typical VPN implementation (though it can be made to do so), it sets up one or more parallel networks that you can access through ZeroTier. You can find more information at https://www.zerotier.com/. I have installed it on two ReadyNASes, a PC, and my Android phone. I can now directly access the NASes (including the admin page) from my PC or phone when away from home as if I were on the same LAN (though my phone's resolution and the OS6 user interface don't work well together). I can map drives on my PC. I can create a backup job between NASes, even if they are in physically different locations. No need for Rsync over SSH, ReadyCloud or ReadyNAS Replicate. Just a standard backup process using the other NAS's ZeroTier IP address instead of it's normal one. For me, this is huge. It's a lot like ReadyNAS Remote and then some. Like the ReadyNAS apps, it does use an external server to establish the route between devices, but it does not route all traffic though that server. As a result, it's only bottleneck is the connection speeds of the devices There is an option to run your own server, though documentation is sparce (likely intentionally, as doing so is only for highly skilled users). Because traffic takes the most direct route, including staying on your LAN if appropriate, this also means you can use the same Windows drive mappings no matter where you are. When both devices are on your LAN, speed does not suffer by being routed "around the world". But your internet traffic also doesn't suffer when you are on the road by being routed through your VPN gateway. Note that this could open a remote PC up as an attrack point on the LAN, so caution should be used by business users. Having the ZeroTier connection made automatically with stored credentials is probably not wise for many cases. I was initially reluctant to install ZeroTier because it just used a script and I could not see what it was doing. But I downloaded and looked over the script and became convinced it would work. And work, it did. Just go here: https://www.zerotier.com/product-one.shtml and run the CURL command listed for the Linux install from an SSH session. I point to the page instead of duplicating the command in case it changes in the future. I did run an apt-get update first, because I think the system should be up to date before installing any "foreign" apps, but Netgear does not recommend doing the update, as it may create conflicts within the OS. The script checks what version of Linux and what processor you are using, then installs the appropriate files. It installed fine on my x86 OS6.6.0 system. It should install on ARM 6.6.0 and may install on older X86 6.x, but I have not tried it. Instructions for installing on earlier ARM OS6 can be found here: https://www.andrewmunsell.com/blog/remote-access-to-readynas-zerotier-one/. If it were to run on OS4.x or 5.x, it would probably also need to be compiled and scripts manually installed as described on that page. If it works on OS4 and OS5, it would be the answer to the lack of ReadyNAS Remote and ReadyCloud compatibility on the same client machine. But even if it doesn't, ZeroTier, unlike ReadyCloud, is compatible with running ReadyNAS Remote on a PC, so you could have concurrent ways to access both old and new systems, though not between each other. Once installed, it's just a mater of using the zerotier-cli command or Windows/Mac/Android/iOS GUI to join all devices to the same network and get an IP address on that network. ip addr show now now shows a new zto: interface and (if connected to a network), the IP address associated wih it. The interface and network connections survive a reboot, courtesy of startup scripts installed by the ZeroTier installer. It was not necessary for me to change any configuration on my router. Note that uninstalling may be more difficult than installing, as there is no uninstall script. But you can leave it installed but disconnected form any networks and it should cause no problem. Please share your installation experience, good or bad, especially if not on an OS6.6.0 or above X86 system.14KViews4likes13Comments
ReadyNAS 312 6.6.1 systemd-journal log
I see a lot of these style entires: * apache2[19277]: [warn] [client 192.168.1.118] mod_auth_token: SHM capacity FULL. Shift memory to fit one more token. ts_end 320f83f8" * in the systemd-journal log file. Is this a 'thing' to be concerned about? Yes, we are having some behavioural issues with this box (losing Readycloud app access via the VPN, the device showing "offline" in readycloud portal occasionally and the the NAS suddently being inaccessible locally which seems to crash Mac OS X FInder. Restarting Finder reconnects and it is OK again. We don't know if it is a local LAN problem. The device has 2 LAN sockets. Only one is connected, should we connect both or just try the other one for a while? Is there a log file that would indicate 'Network' connection errors? The standard web interface errors do not show any erros or warnings of this type at all. we have a case request out with Netgear support but I know that some of you are superb with these things. Thanks, Andy.3.4KViews0likes2Comments
ReadyNas VPN diconnected
Hello Netgear Community, I've read about 20 posts on this topic this morning, but failed to find any solution that would help. Essentially, I have a workgroup of 5, and 3 are currently connected to the ReadyNas 312 through ReadyCloud app. Myself and another team member are both receiving the message "Online (VPN Disconnected). We are using the latest download, and our firmware is 6.6.1 Since I am the administrator, and cannot connect, I have no way of adding deleting /adding new users (which I read would potentially resolve the problem). What is most frustrating, it appears this is likely a flaw with NetGear ReadyCloud, but they seem to be ignoring the fact, as well as the fact that the issue has been reported by many users. In any case... I am communication with three users who are able to connect, anything they can do, as non-administrators? Anything I can do, while trapped inside do to a Nor'Easter (Blizzard, for those who are unfamiliar). thanks, Raven2.5KViews0likes2Comments
Softether VPN + ReadyNAS — a better solution for full access to network AND the NAS itself
I tried to set up the Softether VPN and struggled a bit, like many others on here, with not being able to access the ReadyNAS directly when connected. First I set it up with the bridge to eth0 as would be standard for softether VPN, and I could connect to other devices on the network, but not the NAS itself. Apparently the linux kernel doesn't really like packets going 'out' the interface if they're destined toward that same interface. I played around with SecureNAT and bridging to a tap device, without any luck. That road was also much more complicated so am kind of glad not to have ended up down there. I then found the advice in a thread on here to set up the second adaptor with a random address (outside the local network subnet). e.g. my eth0 is on the 10.0.0.0/24 range so eth1 would be set up as perhaps 192.168.60.1 and plugged into the same physical network as eth0. This fixes the issue of packets being routed back to the NAS itself (so you can access the NAS from the VPN)... but creates another problem. I ended up having avahi (aka Bonjour or mDNSresponder) advertising two separate addresses for the NAS to local machines: one on 10.0.0.0 and one on 192.168.60.1 (which is inaccessible), and when readynas.local resolved to the latter, the connection would fail. This isn't a problem for many people, who don't rely on bonjour/mdnsresponder/avahi (i.e. if you don't use your-nas-name.local to access it)... So my next thought was... okay what's actually wrong with having them both on the same subnet? eth0=10.0.0.2 and eth1=10.0.0.3. Then whichever address is advertised as MyReadyNAS.local will be reachable at least. This basically works. Of course it does—Linux doesn't really have a problem with having multiple IPs on the same subnet... as long as they're not bridged together (whatever you do, do NOT use softether to bridge your VPN hub thingy to both adaptors at once, if they're plugged into the same network!). So there's a solution. Turns out you can go one step further, and set them to the same static IP. Linux is actually fine with this too (I suspect most OSes are). Both eth0 and eth1 as 10.0.0.2, with the VPN bridge on eth1 (it could be either of course, but NOT BOTH). This solves the VPN bridging issue. And it doesn't cause problems for the advertised address of the ReadyNAS. I'm not 100% sure exactly how this affects performance, but I think it either has no impact or could actually slightly increase your maximum network bandwidth when you have multiple clients connecting to the ReadyNAS—two different interfaces with the same IP mean that some packets might go into one or the other (as far as I am aware it's random which ethernet port would be chosen by the client when connecting to the IP common to both). It also adds some redundancy, if one of the ports (on the ReadyNAS or the switch it's connected to) failed, or the ethernet cables were damaged or accidentally unplugged, you'd still have a link to the NAS. I can't think of any negative effects of doing this (maybe an infintecimal amount of additional power used to power the 2nd ethernet port). TL;DR: For setting up Softether VPN 1. Set both eth0 and eth1 to the same static IP on your network (IP, netmask, router all identical, DNS should be the same or at least working DNS servers). 2. Plug both ethernet ports into your switch/router—yep, both in the same network, it's OK to do this because the NAS isn't a switch, it's not bridging/routing between the two ports. 2. Set up softether VPN, configure your Virtual Hub and users as per the guide and/or your desired configuration... 3. For the Local Bridge Setting, bridge your Virtual Hub to ONE of the ethernet ports (e.g. eth1). Hope this helps!SolvedOpenVPN download speed extremely slow on Readynas duo 104
Hello, I've recently set up a OpenVPN tunnel from my ReadyNas Duo 104 with my VPN service provider (ivpn.net). Everything is working fine, but I am experiencing massive performance losses. I'm on a 100/10 Mbit connection and without VPN i can max out my bandwidth's download speed on my NAS. As soon as i connect to the VPN my download speed goes down to as low as 8Mbit/s. I have no problems what so ever using the vpn on other platforms (windows, ios), and the server responds within 20-30ms. I've been messing around with the MTU size, different ports and everything I could find out. Does anyone know what I can do? Is the hardware in the NAS simply too weak for encrypting my data to meet those speeds? Any tips are helpful. Thanks!4KViews0likes2CommentsRN31200 vpn file sharing setup
Hi All, I think this had been asked before but I don't have much information on a sort of step-by-step guide to setting up the vpn sharing for the NAS. I'm currently having issue to configure the RN31200 and the modem Archer D7. I'm looking for a method to access the NAS via the computer file system, just like how Dropbox and Google Drive work, and I think it will require some sort of VPN to be set up. I had install VPN server on the NAS but not sure how to properly set it up afterwards. Could someone please shed some light on the process? Many thanks. -Tommy3.4KViews0likes4CommentsHalf of Pings Drop over IPSec Tunnel
Hi there! Pull hairs over here, I have a IPSec Tunnel between two pFsense Firewalls. Pings to both Gateways without issue, pings to PCs on Remote LAN succeed without issue. When pinging the ReadyNAS on the Remote Network, half of the pings fail while the other half succeed. At this time, I cannot access the ReadyNAS on the Remote Network from the Main Network over VPN. There is no issue pining the ReadyNAS when on the same local subnet. Local Nework: 192.168.10.x Remote LAN: 192.168.30.x (c) 2015 Microsoft Corporation. All rights reserved. C:\WINDOWS\system32>ping 192.168.30.50 Pinging 192.168.30.50 with 32 bytes of data Request timed out. Reply from 192.168.30.50: bytes=32 time=147ms TTL=62 Request timed out. Reply from 192.168.30.50: bytes=32 time=133ms TTL=62 Ping statistics for 192.168.30.50: Packets: Sent = 4, Received = 2, Lost = 2 (50% loss), Approximate round trip times in milli-seconds: Minimum = 133ms, Maximum = 147ms, Average = 140ms C:\WINDOWS\system32>3.6KViews0likes2CommentsSoftether VPN (Cannot Access ReadyNAS)
Hi, I can see this issue has been reported before but i have no idea how to resolve as there hasn't been any real clear solution. Basically my L2TP VPN server on my ReadyNAS is working and i can VPN in successfully from the internet and see all of my LAN devices with the exception of the ReadyNAS. I am unable to access the ReadyNAS admin page. I have read that a TAP device could be setup but i have no idea what i need to configure for this. I have a Local Bridge setup from my Virtual Hub on the VPN server to the eth0 NIC on the ReadyNAS itself which is connecting the virtual hub to my physical LAN. I noticed in the Network Adaptor drop down box i have eth0 and LeafNets, does anyone know what LeafNets is? I only have one physical LAN port on the NAS by the way. Any help to make my ReadyNAS accessible via VPN connection would be much appreciated. Thanks Shaun4.7KViews0likes4Commentscannot access Readynas over vpn
Hi I have a netgear fvs318 router at work that I have a vpn setup on. I am able to access my network remotely using software on my laptop and am able to access the server and router login page. I just recently installed a readynas 312 on the network and it's working great but I am unable to access it remotely through the vpn. I can connect to the network and I am able to ping the nas address successfully, but I cannot connect to any shares and I cannot access the admin page for nas settings. Any ideas why this isn't working through the VPN Thank youSolved5.3KViews0likes4Comments
