I need to set up remote access to a NAS (remote meaning out of the building, via the internet, from different locations).
Several computers (all WinXP Pro except one Mac OS-X).
DSL connection to the internet with a dynamic IP
No domain server - all workgroup computers.
1 NAS - Buffalo LinkStation Pro
Low-end wireless router with firewall functions enabled on the router
None of the in-house computers are powered on 24/7 (that is, they are all powered down at the desire of the user).
Remote computer #1:
A laptop with wireless capability that is set up as a member of the in-house workgroup
This computer will be connecting from various locations (coffee shops, other offices, and the like)
Remote computer #2:
A corporate desktop on a corporate network. I don't know exactly their configuration, but I assume this is a domain behind a corporate firewall accessing the internet through a proxy server. That is just an assumption, but a reasonably one.
Remote computer #3:
A home computer possibly on dialup, but otherwise of unknown connection to the internet.
Computers #2 and #3 will never be accessing the system at the same time (same user). Computer #1 will sometimes be accessing the system remotely and sometimes via the internal wireless AP.
There is a need to keep the data on the NAS reasonably secure.
Budget is $0 (or as near to $0 as possible - it is a small church).
I've poked around about enabling FTP on the LinkStation, but I'm nervous about security issues if I open ports 20/21 on the router, since I do not believe the LinkStation can use anything other than ports 20/21 for FTP.
I've done some checking in various approaches of setting up VPN, but I keep running into the budget issue - no monthly fees can be a part of the solution; neither can spending several hundred (or more) for VPN devices and associated software. The access needs to be to the LinkStation, not one of the other PCs.
I do have available a derelict PC (800MHz Duron) that could conceivably be made into a Linux device to act as a host for a VPN server, but the learning curve for me (no prior Linux experience) would mean this would take a while to get set up.
I went with a Netgear VPN endpoint router, because I don't think FTP is bullet proof, but nothing is. 3DES is more secure than FTP. But my NAS's may be better than the Linkstation. I have the need to access my network when away from home time to time. The 338 came with client software which made it work when they release the v2 fw. You may setup a call back system if you have the right modems, But it will be extremely slow according today standards. Another option is to set remote admin up on the router, port 8080, with a super strong password/key. Then connect and turn on FTP when you need access, then shut back down when finished. This way you can use your existing hardware. Set the router up with DynDNS and you will be set.
Right now I would NOT recommend netgear for they fail to do what the advertise. And tech support has not addressed some issues over 6mo old.