Jump to content

Remote Access to a Samba Share

Calligrafiction
 Share

Hello lovely tech wizards, thank you for your time.

I've spent a ridiculous amount of time trying to resolve this issue, but have been unsuccessful, so I'd appreciate extra eyes.

 

I have an Ubuntu server I use for a hodgepodge of self-hosted services, nothing intensive, mostly hobbyist stuff. I just added a new 2TB HDD for the purposes of backing up the main boot drive and acting as a NAS. I have a large partition intended for NAS use, and I'm using Samba to make the drive available to my Windows machines. Everything works flawlessly on my desktop, which is on the local network. I can mount the samba share as a network drive and use it exactly as I'd like to in every respect. However, I also need to use this drive on my laptop outside my LAN. How can I securely access my NAS drive remotely, and how can I automate things so I don't have to manually connect each time I restart my laptop?

 

Thank you very much in advance, let me know if I can provide additional information to produce the best recommendation.

Link to comment
Share on other sites

Link to post
Share on other sites

Setup a VPN. 

My recommendation would be Wireguard, its fast, responsive, secure, and easy to setup. 

 

If you have a dynamic IP address, theres plenty of free dynamic DNS services you can setup as well, like noip, duckdns, dyndns, cloudns, etc...

Spoiler

Desktop: Ryzen9 5950X | ASUS ROG Crosshair VIII Hero (Wifi) | EVGA RTX 3080Ti FTW3 | 32GB (2x16GB) Corsair Dominator Platinum RGB Pro 3600Mhz | EKWB EK-AIO 360D-RGB | EKWB EK-Vardar RGB Fans | 1TB Samsung 980 Pro, 4TB Samsung 980 Pro | Corsair 5000D Airflow | Corsair HX850 Platinum PSU | Asus ROG 42" OLED PG42UQ + LG 32" 32GK850G Monitor | Roccat Vulcan TKL Pro Keyboard | Logitech G Pro X Superlight  | MicroLab Solo 7C Speakers | Audio-Technica ATH-M50xBT2 LE Headphones | TC-Helicon GoXLR | Audio-Technica AT2035 | LTT Desk Mat | XBOX-X Controller | Windows 11 Pro

 

Spoiler

Server: Fractal Design Define R6 | Ryzen 3950x | ASRock X570 Taichi | EVGA GTX1070 FTW | 64GB (4x16GB) Corsair Vengeance LPX 3000Mhz | Corsair RM850v2 PSU | Fractal S36 Triple AIO | 12 x 8TB HGST Ultrastar He10 (WD Whitelabel) | 500GB Aorus Gen4 NVMe | 2 x 2TB Samsung 970 Evo Plus NVMe | LSI 9211-8i HBA

 

Link to comment
Share on other sites

Link to post
Share on other sites

The two best options are.

 

1. a VPN as Jarsky suggested

2. A self hosted cloud service such as owncloud or nextcloud.

Link to comment
Share on other sites

Link to post
Share on other sites

10 hours ago, Jarsky said:

Setup a VPN. 

My recommendation would be Wireguard, its fast, responsive, secure, and easy to setup. 

 

If you have a dynamic IP address, theres plenty of free dynamic DNS services you can setup as well, like noip, duckdns, dyndns, cloudns, etc...

This. 
 

And set up your laptop to use the VPN as a split tunnel, that way all internet destined traffic will go out over whatever normal gateway your laptop sees, but traffic destined for you NAS will go out over the VPN (obviously the VPN traffic flows over the default gateway as well… just encapsulated in the tunnel). 

Rig: i7 10700k @ 5.1Ghz, 4.8 Ring - - Z490 Vision G - - EVGA RTX 2080 XC Ultra @ 2025Mhz - - 4x8GB Vengeance Pro 3000Mhz 15-17-17-34 @ 3500MHz 16-19-19-38 - - Samsung 950 Pro 512 NVMe Boot + Main Programs - - Samsung 830 Pro 256 RAID 0 Lightroom + Photo work - - WD Blue 1 TB SSD for Games - - Corsair RM850x - - Sound BlasterX EA-5 - - EK Supremacy Evo - - XT45 X-Flow 420 + UT60 280 rads - - EK Full Cover GPU Block - - EK XRES RGB PWM - - Fractal Define S2 - - Acer Predator X34 -- Logitech G502 - - Logitech G710+ - - Logitech Z5500 - - LTT Deskpad

 

Headphones/amp/dac: Schiit Lyr 3 - - Fostex TR-X00 - - Sennheiser HD 6xx

 

Homelab/ Media Server: Proxmox VE host - - 512 NVMe Samsung 980 for VM's/Proxmox boot - - Xeon e5 2660 V4- - Supermicro X10SRF-i - - 64 GB ECC 2133 - - 10x4 TB WD Red RAID Z2 - - 10TB WD Red for expendable data - - Corsair 750D - - Corsair RM650i - - Dell H310 6Gbps SAS HBA - - Intel RES2SC240 SAS Expander - - TreuNAS + many other VM’s

 

iPhone 14 Pro - 2018 MacBook Air

Link to comment
Share on other sites

Link to post
Share on other sites

8 minutes ago, LIGISTX said:

This. 
 

And set up your laptop to use the VPN as a split tunnel, that way all internet destined traffic will go out over whatever normal gateway your laptop sees, but traffic destined for you NAS will go out over the VPN (obviously the VPN traffic flows over the default gateway as well… just encapsulated in the tunnel). 

honestly if your connection allows it, why not just run everything through the tunnel. 2 birds with one stone.

If your question is answered, mark it so.  | It's probably just coil whine, and it is probably just fine |   LTT Movie Club!

Read the docs. If they don't exist, write them. | Professional Thread Derailer

Desktop: i7-8700K, RTX 2080, 16G 3200Mhz, EndeavourOS(host), win10 (VFIO), Fedora(VFIO)

Server: ryzen 9 5900x, GTX 970, 64G 3200Mhz, Unraid.

 

Link to comment
Share on other sites

Link to post
Share on other sites

DIY VPN Pritunl Setup Tutorial - LTT Releases - Linus Tech Tips

Ltt has a good tutorial on how you can create your own vpn.

I would personally use Zerotier per device bases. It's like a virtual switch that makes a virtual private network. There will be app per devices which you can connect it as if you are on vpn. I recommend this because regardless of the fact that that you are using your own VPC or any VPN service leaves a record, but because zerotier is still pip but provides first information to tunnel and completely hands off after, it is safer and faster. 

Link to comment
Share on other sites

Link to post
Share on other sites

On 12/9/2022 at 7:18 AM, Takumidesh said:

honestly if your connection allows it, why not just run everything through the tunnel. 2 birds with one stone.

Because it slows down your internet.

 

When I am at a hotel or airport etc, I switch to the full tunnel vs the split tunnel. But if I am somewhere I “trust”, split tunnel is much nicer. 

Rig: i7 10700k @ 5.1Ghz, 4.8 Ring - - Z490 Vision G - - EVGA RTX 2080 XC Ultra @ 2025Mhz - - 4x8GB Vengeance Pro 3000Mhz 15-17-17-34 @ 3500MHz 16-19-19-38 - - Samsung 950 Pro 512 NVMe Boot + Main Programs - - Samsung 830 Pro 256 RAID 0 Lightroom + Photo work - - WD Blue 1 TB SSD for Games - - Corsair RM850x - - Sound BlasterX EA-5 - - EK Supremacy Evo - - XT45 X-Flow 420 + UT60 280 rads - - EK Full Cover GPU Block - - EK XRES RGB PWM - - Fractal Define S2 - - Acer Predator X34 -- Logitech G502 - - Logitech G710+ - - Logitech Z5500 - - LTT Deskpad

 

Headphones/amp/dac: Schiit Lyr 3 - - Fostex TR-X00 - - Sennheiser HD 6xx

 

Homelab/ Media Server: Proxmox VE host - - 512 NVMe Samsung 980 for VM's/Proxmox boot - - Xeon e5 2660 V4- - Supermicro X10SRF-i - - 64 GB ECC 2133 - - 10x4 TB WD Red RAID Z2 - - 10TB WD Red for expendable data - - Corsair 750D - - Corsair RM650i - - Dell H310 6Gbps SAS HBA - - Intel RES2SC240 SAS Expander - - TreuNAS + many other VM’s

 

iPhone 14 Pro - 2018 MacBook Air

Link to comment
Share on other sites

Link to post
Share on other sites

You can use tailscale for it.You don't need to open any port and you don't need to use any ddns.

Link to comment
Share on other sites

Link to post
Share on other sites

Use a router with built-in VPN like ubiquiti, TP-link, Zyxel, etc. (my preferred way and how I set up businesses usually). 

Host your own openVPN server that's secured with something like reverse proxy. 

Use a Hak5 Turtle and something like Linode to create a reverse VPN link to your house.

Set up a reverse proxy self-hosted Nextcloud suite. 

 

There's a number of ways to accomplish from easy (albeit maybe more expensive) to hard (and generally more difficult). Just for your safety (since you don't know how to do this already) don't follow any tutorial that tells you port-forward anything (except for reverse proxy tutorials on 443)

 

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share


×