FreeNAS Volume security – 02/15/14
I set up my NAS to be available locally to all peers connected to the access point. The access point is via a wifi router connected to a gigabit switch. The gigabit switch was used to obtain gigabit throughput between NAS and main PC, reaching 150 mbps read/write speeds.
Security has become a concern as I don’t want everyone accessing personal backups and media, so I had to set up a credential gateway (required from me) in order to access the volume.
>a new user is required with the following conditions: a username, a full name and password.
>creating a new primary group is unnecessary if you already have an existing group.
>home directory can be selected. if non existent, go to next step
>create a new CIFS share: a volume must be existent (volumes>create new ZFS volumes)
>under volumes>view active volumes>change permissions> Owner(user) = nobody, Owner(group) = *your set primary group
>set mode to write and execute for under “group”
>back to the CIFS shares, edit the existing CIFS to”browsable to network clients = checked, and “allow guest access” = unchecked
>under services, >CIFS> Authentication Model = Local User, Guest account = nobody, as well as set your home directory based on your volume.
>control services> turn CIFS OFF, reboot NAS, turn on CIFS service
>on main accessing PC, access my computer>network>FREENAS> and access the volume directory
>enter your credentials as a secondary user, credentials are made from step one>check remember these credentials
>you should be able to access your volume, as well as protect volume.
Android devices are also able to access your volumes given a modified network access set up (file manager>network>create)
Next step: Port forwarding and external file access.