I use to be able to look at folders and files on my iMac across the internet with my MacBook Pro. I did this by setting up file sharing on both computers. In finder I would go to my iMac, then proceed to browse folders for what I wanted. Yesterday, I tried to do it and it said it could not connect.
What is wrong?
iMac 27", macOS 10.13
So your goal is to open up your Mac to absolutely anybody to poke at your file servers? Because that’s where this is headed. Your file server will be (very quickly) found, and password attacks will commence, and weak passwords will (eventually) be found. A breach on your internal network may well then be extended to other systems on that same network.
Okay, to do this... Very roughly, high-level...
Your firewall will have to be set to open up access to the AFP or SMB services, and whatever other IP ports you need to expose. That’ll usually be via port forwarding, and you’ll either want a fixed, static IP address from your ISP and a matching DNS translation, or you’ll want a firewall box or some software on one of your systems that updates a dynamic DNS provider with your current dynamic IP address when you’re on dynamic DHCP IP addresses from your ISP.
These newly-open ports will be detected by botnets and by automated scans, and often within minutes.
How to set up port forwarding varies by your firewall, and different firewalls use different terms, and not all ISP firewalls will allow adjustments or all-protocol access.
Some ISPs block certain IP protocols on residential/dynamic IP addresses, too. This reply assumes your ISP allows AFP, SMB, and/or VPN services. Static (business) IP plans usually allow most or all access. Dynamic (residential) can have port blocks, in addition to varying the external IP addresses.
Your remote access will specify your public IP address, and port-forwarding will connect the incoming netowkr connection with the target server through the firewall and the usual NAT network address translation.
Best way to do this is to establish a VPN into your network, and protect your traffic and your access with secure credentials. You’ll establish a VPN from the remote client to the firewall preferably) or to a VPN server on your internal network. From there, the remote client will (mostly) appear to be a client on the target network. AFP, SMB and ither traffic will be protected by the VPN, and—wih the only ports open on the firewall being the VPN—attackers wil have fewer services and fewer credentials to poke at.
Or to avoid all this and use hosted storage from Dropbox or SpiderOak or otherwise, and to keep access to hour internal network restricted.
Welcome to IP networking, DNS, VPNs, NAT, and security.
file sharing over internet say's can't connect
