Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[dalbert]

Like many users, I run my DNS-321 behind a NAT firewall/router.  I would like to be able to securely access files from outside my network (e.g. access them from work).  Since FTP is not secure, I do not want to forward port 21 to the DNS-321.  My only current solution is to ssh into another local machine on my home network, ftp the file(s) from the DNS-321 to that machine, and then sftp the files to the remote system...needless to say this is tedius.

Has anyone been successful with:
  1) ssh tunneling port 21 (DNS-321 does not seem
      to allow foreign network access)
  2) ssh tunneling of port 139 via addl local loopback connection
  3) http file access?
  4) anything else?

D-Link, if you are listening, since you already have an http server, allowing us to enable http file access to the shares would seem to be a very easy option for at least read-only access that should require almost no work for a nifty feature.

Thanks!

[BillGalbraith]

When you ask for a simple little feature to be added, D-Link doesn't really care. The problems that have been noted are relatively small, but they don't seem to care. I am a software professional, and fixing small problems like this are not big deals, but this and other problems continue to exist, as if no one at D-Link is really working on it. Maybe they just let the problems build up until there are too many of them, then release a fix for some of them.

D-Link, how about releasing the software to me and I'll fix these problems. Better yet, release the software to the general public and have DOZENS of people fixing your problems. You'll get a better product and will sell more units.

[dalbert]

FYI, to get FTP working through an ssh tunnel may simply be a matter of
adding the line:
    AllowForeignAddress on
to the proFTPd configuration file:

http://castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-SSH.html

Bill, I hear your frustration, but also being a software engineer,
I recognize that D-Link has a boatload of products and their
software team likely has a large list of critical and major defects
competing with any enhancement requests...our best bet is
probably to make very small, low risk, and broadly useful requests
and provide full implementation details so they can easily code,
test, and submit the enhancement.  I'm pretty sure they will eventually
have at least one firmware upgrade for this product.

[fordem]

The simple solution is to create a VPN tunnel into the firewall (obviously this needs a firewall that supports VPN access) and then you can get access into everything on the local LAN. as if you were on the local LAN.

For those software engineers (I am not one - I do implement networks, which is why I have a network solution to the problem) I believe the source code is available for download under GPL terms -am I missing something or simply too naieve to understand what it is you're asking for.

[D-Link Multimedia]

FYI, to get FTP working through an ssh tunnel may simply be a matter of
adding the line:
    AllowForeignAddress on
to the proFTPd configuration file:

http://castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-SSH.html

Bill, I hear your frustration, but also being a software engineer,
I recognize that D-Link has a boatload of products and their
software team likely has a large list of critical and major defects
competing with any enhancement requests...our best bet is
probably to make very small, low risk, and broadly useful requests
and provide full implementation details so they can easily code,
test, and submit the enhancement.  I'm pretty sure they will eventually
have at least one firmware upgrade for this product.

Thank you for your patience. We definitely do have a few large product lines and since this product just came out 2 months ago it did not take top priority for feature enhancements. We are in the process of working on new firmware's for our NAS line and you can see some of the feature sets that have been added by looking at the DNS-343 release notes.

We have made upgrades to the FTP Server, the iTunes and UPNP AV server. Although not affecting this product in particular we have added USB UPS monitoring and now power recovery in the latest firmware to the DNS-343(a highly requested feature by our customers).

We do read 3rd party sites for feedback on our products as well as any critical issues a customer might be having and provide responses to them.

We do not make it a habit to release firmwares once a month if there are not critical bugs in the product since causes a lot of time lost to Quality Control each release and instead would prefer to roll fixes and enhancements together.

[dalbert]

The simple solution is to create a VPN tunnel into the firewall (obviously this needs a firewall that supports VPN access) and then you can get access into everything on the local LAN. as if you were on the local LAN.

For those software engineers (I am not one - I do implement networks, which is why I have a network solution to the problem) I believe the source code is available for download under GPL terms -am I missing something or simply too naieve to understand what it is you're asking for.

 

There are of course many VPN solutions.  I was asking specifically about ssh tunneling because it is free and pervasive.  I eventually got ssh tunnelling  working for network (SMB) access, but not for ftp.  The issue with tunneling ftp over ssh is that the ftp server rejects the "foreign host".

Even if D-link is willing to release source code for the DNS-321 firmware, there are a host of reasons not to do this including that it would branch the codebase; the changes would need to be merged into each successive release.  It seems D-Link is amenable to reasonable suggestions and takes customer requests seriously so I think supporting them in their development and testing by serving as beta testers and making suggestions/debugging problems is my preferred approach.

Regards,
Dave

[fordem]

 
Even if D-link is willing to release source code for the DNS-321 firmware, there are a host of reasons not to do this including that it would branch the codebase; the changes would need to be merged into each successive release.  It seems D-Link is amenable to reasonable suggestions and takes customer requests seriously so I think supporting them in their development and testing by serving as beta testers and making suggestions/debugging problems is my preferred approach.

Regards,
Dave

That my friend is the raison d'etre of open source.