noncicredoneanche

Q: Time Capsule Remote Access (via Internet)

Hi guys,

first of all, sorry for my bad english

 

I read a lot of threads about how to remotely access a Time Capsule (its hard drive I mean), but I can't still figure out to make it working

 

I followed the nice guide made by Tesserax AirPort Disk - Remote Access (3 Methods) and I chose the 2nd method, since I have registered an account on no-ip , so they provided me a private host (for free of course)

 

This is my actual set up situation (the screenshots are in italian language as im italian but I guess it's pretty easy to understand those fields)

 

Home Network Configuration: Modem/Router (very old) used only as Modem + TimeCapsule linked to it by WAN (the TC is the router: it manages DHCP and NAT)

 

Internet Settings:

359n7zo.jpg

 

 

Dynamic Global Host Name

ifye04.jpg

 

 

Network:

34rsop4.jpg

 

 

Disks:

2drchvr.jpg

 

 

What I managed

 

1) Right Click on Finder icon - using my home internet connection (I mean, the Mac is cabled to the TC via ethernet) - Connect to Server

It asked me to provide the server address --> I put fisso.ddns.net --> Enter --> I got into the TC HDD

N.B. Typing directly fisso.ddns.net the address changes automatically to afp://fisso.ddns.net and i guess that's normal because afp is the Apple protocoll

2) Same thing described at point 1, but typing  smb://fisso.ddns.net . It took a little bit longer but worked fine (smb is Samba, Windows protocoll, am I wrong?)

 

What I almost managed

 

I tried the ''final'' test that is the main thing I'd like to do (remote access via 3g smartphone or similar)

 

I turned off ethernet connection plugging off the cable from my Mac

I started an HotSpot from my Galaxy S5 and I connected my Mac to this HotSpot (by this way, I simulated a real external connection, like I was away from home and I tried to access the HDD from my phone

 

That's what I got:

 

1) If I type fisso.ddns.net on Connect to Server field (so it changes automatically to afp://fisso.ddns.net) it works fine

2) If I type smb://fisso.ddns.net on Connect to Server field  it attemps to connect but fails (timeout or something like that)

 

Of course, I also tried using Android Apps like Astro File Manager, ES File Explorer, andSMB etc ... but they didnt work.

Actually, about those apps, I have a doubt: when they ask me User and Pass I dont know if I have to type User+Pass of my no-ip account or User+Pass used to access to TC's HDD (the ones it asked me after I connected via Finder). Anyway, I tried all the possible combinations of these infos, without any luck

 

I also installed the no-ip Daemon so it can keep hostname and my dynamic ip up to date (running in background)

 

The only app that gave me a ''small'' feedback has been Astro: when I tried to connect, It let me see the HD Airport (icon) on the screen, like It was connected to it, but after few sec It gave me back this error: BlueError: BAD_NETPATH

 

 

Again sorry for my trashy english, and thanks everyone for the they you (i hope) will spend reading my post

Time Capsule, OS X Mavericks (10.9.5)

Posted on Aug 29, 2015 6:36 AM

Close

Q: Time Capsule Remote Access (via Internet)

  • All replies
  • Helpful answers

Page 1 Next
  • by LaPastenague,Helpful

    LaPastenague LaPastenague Aug 29, 2015 3:14 PM in response to noncicredoneanche
    Level 9 (52,825 points)
    Wireless
    Aug 29, 2015 3:14 PM in response to noncicredoneanche

    1) If I type fisso.ddns.net on Connect to Server field (so it changes automatically to afp://fisso.ddns.net) it works fine

    This is great.. you have got it working correctly.

     

    ) If I type smb://fisso.ddns.net on Connect to Server field  it attemps to connect but fails (timeout or something like that)

    Also correct.

     

    SMB is not made available to WAN. SMB is not secure and it should never be used outside of vpn tunnels.

     

    You must access the TC remotely over AFP .. not over SMB.

     

    Of course, I also tried using Android Apps like Astro File Manager, ES File Explorer, andSMB etc ... but they didnt work.

    Actually, about those apps, I have a doubt: when they ask me User and Pass I dont know if I have to type User+Pass of my no-ip account or User+Pass used to access to TC's HDD (the ones it asked me after I connected via Finder). Anyway, I tried all the possible combinations of these infos, without any luck

    All of this is correct.. it doesn't work and it isn't supposed to work. You misunderstand what the TC is.. it is an Apple backup device.. But Apple only provide remote access as a concession and only from a Mac.. Apple made no provision for any other device .. because AFP protocol is not used on even on apple's idevices.

     

    You can open SMB to the outside world.. it is extremely dangerous to do so and eventually you will be hacked.

     

    See the method here.

    http://www.stratospherix.com/support/gsw_timecapsule.php?page=6remote

     

    The most important part to understand here is that SMB is not available.. so in order to access it a deliberate port forward needs to be created.

     

    Also note the comment that apple are actively resistant to this.. so it might have worked on older firmware but they are trying to stop it now.. it is insecure.

     

    This is the wrong way to access remotely.

     

    Replace your dsl modem with a modem router that includes vpn server. Or do it like you have done in the TC.. use a router that has vpn server.

     

    Place the TC in bridge mode and plugged into the vpn server.. you can then use PPTP which is available in almost all devices.. android, PC, Mac, iOS.

    That is the correct method for SMB access.

  • by noncicredoneanche,

    noncicredoneanche noncicredoneanche Aug 29, 2015 4:49 PM in response to LaPastenague
    Level 1 (0 points)
    Aug 29, 2015 4:49 PM in response to LaPastenague

    Man, I really have to thank you, because you explained it in a very clarified way how it works

     

    You said that:

    SMB is not made available to WAN. SMB is not secure and it should never be used outside of vpn tunnels.

     

    You must access the TC remotely over AFP .. not over SMB.

     

    So, if I have a vpn server installed on my Mac it could work right? Of course having a vpn router would be the best choice as you said, but at the moment I dont have one

     

     

    thanks a lot, again, for your time

     

    P.S. as soon as I'll have enough time, I'll try that way to open SMB to the outside and, at lest, I'll check if it works (I'll keep in mind about the danger)

  • by LaPastenague,Helpful

    LaPastenague LaPastenague Aug 29, 2015 7:10 PM in response to noncicredoneanche
    Level 9 (52,825 points)
    Wireless
    Aug 29, 2015 7:10 PM in response to noncicredoneanche
    So, if I have a vpn server installed on my Mac it could work right?

    VPN on the Mac will allow you to connect to the Mac not the TC.. It is also harder because the wake on lan is not always successful.

     

    A VPN router need not be expensive. DD-WRT on a suitable router will give you PPTP and openvpn which is very good.

     

    But play around for sure.. that is how you learn.. the more the better.

  • by noncicredoneanche,

    noncicredoneanche noncicredoneanche Aug 30, 2015 4:57 AM in response to LaPastenague
    Level 1 (0 points)
    Aug 30, 2015 4:57 AM in response to LaPastenague

    VPN on the Mac will allow you to connect to the Mac not the TC.. It is also harder because the wake on lan is not always successful.

     

    You just went to the second point that I'm intersted in (maybe a little bit out of topic, I apologize)

     

    If I'd like to access to my Mac when I'm away from home, I should install a vpn server on the machine ... that's what I understood till now

    About the wake on lan function, I think there are no problems because I'll let the Mac (and modem+TC) always on

    Could you please teach me how to do that? Maybe just a link about a software to install, or something like that... thank you a lot again!

     

     

    P.S. today I'll try to ope those ports mentioned on that guide you linked before, and I'll let you know

  • by noncicredoneanche,

    noncicredoneanche noncicredoneanche Aug 30, 2015 6:54 AM in response to LaPastenague
    Level 1 (0 points)
    Aug 30, 2015 6:54 AM in response to LaPastenague

    UPDATE

     

    I just tried FileBrowser, as mentioned in that guide

     

    I set the app in the same way, so putting port 20445 (instead of the default 445), and on Address i put fisso.ddns.net (also tried using directly the ip I had in that moment).

     

    I got this error

     

    foto 1.PNG

     

    foto 2.PNG

     

    Just to be sure, I also turned the Firewall off, but didn't work at all.

     

    I noticed, on the second screenshot, that It asked about 445 port. It should be already open (as private TCP); if I also try to open 445 as public TCP , the TC gave me the error saying something like: 445 port is already used by File Sharing; deactivate it or change the port

     

    I also think it's about firewall (or port) issues because I tried this app using my local internet connection (it usually works using finder, just typing smb://fisso.ddns.net), but still gives me this error. Notice that, when I tap on the icon, the app attemps to connect and instantly asks me user and pass (so there is a connection, isn't it?) but after I type them, it goes on Connection Time out (and gives me back those errors about 445 port and firewall). Very strange. What I'im trying to say is that, if it works using Finder, why it doesn't work using an external app (well configured, using the same local connection)?

     

    N.B. it's my girlfriend's iphone

     

    thanks

  • by noncicredoneanche,

    noncicredoneanche noncicredoneanche Aug 30, 2015 9:21 AM in response to noncicredoneanche
    Level 1 (0 points)
    Aug 30, 2015 9:21 AM in response to noncicredoneanche

    UPDATE 2:

     

    talking about vpn, I think I found out my solution ---> http://www.cyberghostvpn.com/en

    So, no need to buy an expensive vpn router (of course, it's enough for my limited persona use)... have you ever used a service like that? I'd like to talk about this in private (pm are allowed on this forum?) because this is not the real topic of this thread; I dont wanna be too much off topic

  • by LaPastenague,

    LaPastenague LaPastenague Aug 30, 2015 2:39 PM in response to noncicredoneanche
    Level 9 (52,825 points)
    Wireless
    Aug 30, 2015 2:39 PM in response to noncicredoneanche

    Did you fix the TC port mapping as well??

     

    I see you have done a load of stuff on the phone.. but to get a successful remote connection remember you have to forward port 20445 to 445 (ie port translate) in the TC.

     

    If you did all that and it didn't work.. then apple has blocked it.. and that is for your own security.

     

    So, no need to buy an expensive vpn router (of course, it's enough for my limited persona use)... have you ever used a service like that?

    http://www.cyberghostvpn.com/en_us

     

    This is NOT what you need. This is a vpn service.. it is used to bypass country controls.. so you can say browse files in the US as if you are in the US.

     

    It is not for remote access to your own computer.

     

    You are also quite mistaken if you think these services are less expensive than buying your own router.. as I already stated a router that is suitable for the job is $50 US.. the service you picked is $70..

     

    Have you ever used logmein or teamviewer.. ??

     

    Why don't you try with those services?

    Try teamviewer as it is free for personal use.

     

    https://www.teamviewer.com/hi/download/mobile.aspx

    Logmein hassles you.. they seem to have gone down the money path.

     

    These are much easier to use than vpn service.. the reason is, that you do not need to open ports.. they work by an application on the computer opening ports to the server.. and then making a connection via that server for the remote connection.

     

    VPN is better but is harder to setup..

     

    You do need to run a vpn server in the Mac.. and IMHO with the need for wake on lan and dynamic IP you are making it too hard for yourself.

     

    But well worthwhile if you want to experiment.. you can download and install openvpn server for Mac.

     

    eg. https://www.stevesell.com/?p=36

     

    Or buy the upgrade to Mac OS server which includes vpn servers and not just clients.

     

    IMHO this is still wrong way to do it..

     

    VPN should live on the router that controls your network.. It is not expensive.. and in the end it will be far more reliable using a standard router with decent firmware and vpn .. eg gargoyle is one I use.

     

    because this is not the real topic of this thread; I dont wanna be too much off topic

    It is your thread.. you can take it where you like..

     

    But I am happy to open a vpn connection to you so you can see what is happening.

     

    My email is open in the profile.. so just roll your mouse over me.. and contact me direct.. There is no pm service here.

  • by noncicredoneanche,

    noncicredoneanche noncicredoneanche Aug 30, 2015 5:01 PM in response to LaPastenague
    Level 1 (0 points)
    Aug 30, 2015 5:01 PM in response to LaPastenague
    If you did all that and it didn't work.. then apple has blocked it.. and that is for your own security.

    Yes, I did all that... so I guess we can defnetley say that remote access to TC via SMB is not possibile at the moment . An Android app that allowed AFP protocol would be the solution, but since that protocol is ''private'' I think we'll never see an app like that

     

    This is NOT what you need. This is a vpn service.. it is used to bypass country controls.. so you can say browse files in the US as if you are in the US.

    It is not for remote access to your own computer.

    I'm quite noob about this topic, so yes... I messed up the vpn service with the remote access via vpn (router)

     

    Have you ever used logmein or teamviewer.. ??

    I do have teamviewer installed on my Mac, and I have already used it, but I don't wanna access my Mac by this way; I mean, I don't need/want to see the Mac's desktop on my smartphone, just the HDD so I could access to my files. Can Teamviewer do that without ''streaming'' the entire desktop? If it can, well I solved my problem

     

    otherwise, could you link me an not expensive and easy to set up router with vpn feature inside?

     

    Thank you a lot

  • by noncicredoneanche,

    noncicredoneanche noncicredoneanche Aug 30, 2015 5:31 PM in response to noncicredoneanche
    Level 1 (0 points)
    Aug 30, 2015 5:31 PM in response to noncicredoneanche

    UPDATE:

     

    I solved by my self

     

    I installed Teamviewer on my smartphone; after opened it, I chose ''Files'' instead of the standard ''Connection'' menu (at the bottom of the app screen); it asked me about pass and some stuffs (I saved my Mac on my bookmarks, so I can access it just typing the name and the password I've chosen) ... and voila!  My Mac's HDD showed like a charm

     

    Now the tricky thing: I could also access to my TC's HDD; all I needed has been mounting the HDD on my Mac (Finder --> clicking the TC icon on the Shared menu on the left bar --> opening the TC's HDD). At this point, Teamviewer app could see the TC's HDD (the right folder is ''Volumes''; I could reach it just browsing through my Mac's root folder)

     

    So, after days spent on this work, I just realized I almost wasted all my time, because there was an super easy way to do what I had in my mind... so funny

     

    Just the last question: if the TC's HDD unmount itself (my because I dont use it for a long time, like a ''timeout'') or I just forget to mount it before I go outside .. how could I ''re-mount'' it to let Teamviewer app to see it?  Because, in that case, in the folder ''Volumes'' I wouldn't see ''AIRPORT HD'' for sure

     

    thank you!

  • by LaPastenague,

    LaPastenague LaPastenague Aug 30, 2015 5:40 PM in response to noncicredoneanche
    Level 9 (52,825 points)
    Wireless
    Aug 30, 2015 5:40 PM in response to noncicredoneanche

    Yeap.. good solution.. far easier than any other remote access method.

     

    how could I ''re-mount'' it to let Teamviewer app to see it?

    The TC should be able to be permanently mounted..

     

    If not manually mount it in finder.. preferably when you are at home so the values are all there for your remote teamviewer lookin.

     

    Mount as AFP://TCname or AFP://TCIPaddress (where TCname is the correct network name of the TC and TPIPaddress is 10.0.1.1 or whatever IP it has.. which must be static).

     

    You can also use SMB://TCIPaddress.. and is advisable on mavericks and later OS.

     

    From the remote aspect it doesn't matter which you use.

     

    Remember to save the password in the keychain.

  • by noncicredoneanche,

    noncicredoneanche noncicredoneanche Aug 30, 2015 6:02 PM in response to LaPastenague
    Level 1 (0 points)
    Aug 30, 2015 6:02 PM in response to LaPastenague

    I  haven't found out a real solution to keep the TC's HDD always mounted.

    It seems you can auto mount it at login just adding a login item (through the System Preferences --> Users --> Login) but I don't really know how to keep it mounted. Maybe I forgot some steps or preference; do you remember something about that?

     

    thanks

     

    P.S. can be the ''turn off disks when it's possible'' check box in the Power Saving preference? (System Preferences menu), because atm it's checked

  • by LaPastenague,

    LaPastenague LaPastenague Aug 30, 2015 6:30 PM in response to noncicredoneanche
    Level 9 (52,825 points)
    Wireless
    Aug 30, 2015 6:30 PM in response to noncicredoneanche

     

     

     

    P.S. can be the ''turn off disks when it's possible'' check box in the Power Saving preference? (System Preferences menu), because atm it's checked

    That is not relevant to a TC.

     

    Automount of the disk. See.

    http://support.apple.com/kb/HT1331


    Auto Mount Time Capsule

     

    AP Time Capsule Intermittantly Not Connecting

     

    There are plenty of posts about how to automount.. most are going to say the same thing.. but nothing is Yosemite should be taken for granted.

     

    Tesserax in the last reference has a method of scripting the mount with login. Try it.. and tell me if it works.

     

    What is supposed to work and what actually works via remote access.. is likely to bare no relationship to each other.

  • by noncicredoneanche,

    noncicredoneanche noncicredoneanche Aug 31, 2015 4:03 AM in response to LaPastenague
    Level 1 (0 points)
    Aug 31, 2015 4:03 AM in response to LaPastenague

    as I said before, I did found many posts about ''auto mount at login'', but nothing about ''keeping the disk mounted''

    I read those 2 links; both of them are about auto mounting the disk

     

    btw.. thank you a lot man for your great support, we really rocked here

     

    See you

  • by LaPastenague,

    LaPastenague LaPastenague Aug 31, 2015 12:58 PM in response to noncicredoneanche
    Level 9 (52,825 points)
    Wireless
    Aug 31, 2015 12:58 PM in response to noncicredoneanche

    The disk can be mounted but unavailable..

     

    Remember the disk in the TC is not and never was or will be a NAS server. It is a backup device. And Apple specifically said.. it is not for remote backup only local. Nor is it directly under the control of the local computer.. The disk will spin up when you try to access files.. and only when you do that.. you have no control.. none .. whatsoever.. over spinup in a TC. Apple did not bring controls out .. and it is a demand system..

     

    The disk must spin down a few seconds after you stop accessing files.. it will take time therefore to spin up and make files available.

     

    I have a time capsule sitting (as well as a couple of proper NAS on my network, one of which is missing ie not mounted).. I powered on the computer.. the TC is mounted in Finder.

     

    When I booted the Mac from cold today.. very unusual as it is usually in sleep.. the disk in the TC did not spin up.

     

    Screen Shot 2015-09-01 at 5.48.26 AM.png

     

    Same with the nas-server.. the disk will only spin up when you actually want to access files..That makes the response time fairly long when you start up the system.

     

    If you have issues getting the disk to spin up when you access remotely.. then my suggestion is .. plug in a USB drive to the computer.. it has to be local to really respond to demands to spin up.

     

    I am happy to help in what or however I can.

Page 1 Next