I installed dietpi in a RPi3b+ as a centralized storage solution and NAS. All is well when working inside the network, but when I switch to an outside network, every connection is refused.
This is exclusive to the dietpi device. If I start ssh service in Odroid C2, running CoreELEC, I can connect to it immediately. Any service I try to connect in Dietpi returns an error 1005 connection refused. Ports are open to both devices. Also, I tried to stop Fail2ban and nothing changed.
What am I missing?
Edit: I forgot to mention this is exclusive to ssh, ftp or any file sharing function. I can access Webmin or Medusa over the internet without issues.
Are you connecting the Pi on a different network and you get the connection refusal, or is it connected to the same network and you are trying to connect from the internet?
The Pi is always connected to the same network. Any device outside the network is rejected, even if that device is connecting inside the network. The issue happens with or without ddns and fail2ban.
Honestly, I would not recommend to open ports like SSH towards the internet. If this is needed I would recommend to go with a VPN solution.
I mention ssh as part of the software that doesn’t work. I need FTP (or something like it) to access and backup data while I’m away.
go with a VPN solution and SAMBA or FTP.
FTP is not built to be secure. It is generally considered to be an insecure protocol because it relies on clear-text usernames and passwords for authentication and does not use encryption. Data sent via FTP is vulnerable to sniffing, spoofing, and brute force attacks, among other basic attack methods.
You’re missing the question. I understand my options, but I can only connect to them while connected to my network. Once I disconnect from my network and start working on 4G or any other network, I can’t access any file sharing service. Ports are open, the services are running, I can even connect to a few of them over the internet (E.g. Webmin), but FTP, SMB and such always return “Error 1005 Refused Connection”.
did you setup a firewall like iptables on your system?
Unless it was installed as a dependency, I see no evidence of it.
can you check iptables -L -n if there is anything setup. Next to this, I know there are internet router on the marke who block access on SMB as well as FTP port for security reasons, even if you try to forward.
-bash: iptables: command not found
what type of internet router you are using?
Keep in mind that FTP is a multi port protocol. Even if you have forwarded tcp 21 on the router, it is not enough to transfer files.
If SSH is working fine, I think the easiest for you would be to install openssh-sftp and use that for file transfer. On the plus side you’ll get the encryption, which FTP doesn’t have. But on the other hand you need to make sure that SSH is properly hardened (no root login, no password authentication, setup ssh keys, non standard port, maybe port knocking).
that’s why I would recommend to use VPN to connect. This will enable you to access all applications at home, without limitations and secured.
Sorry about the delay. Over the last week, somehow I got SMB to work when trying to reinstall the application once more, but the communication is excrutiatingly slow. I’m starting to suspect these issues are related to the ISP router limitations.
did you tried to setup a VPN connection? how does it behave?
I’m having the same troubles on my odroid XU4.
I’ve just wrote a forumpost here on the same matter. with logs and all.
just as an update. Issue of user S10 has been solved and it was totally different one
Hi. I set up wireguard and nothing changed. After fumbling around, I tried setting up an omv and everything works fine (except docker can’t handle network volumes), so the problem must be something I messed up. I’ll just scrub the whole thing and start over.