Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Remote Access from Intenet

Featured Replies

Anyone doing remote access to their UnRaid server from the internet (i.e. not local net).  I've got JuiceSSH which can do SSH and Telnet.  I don't see OpenSSL or OpenSSH in the UnMenu.  I believe that has been moved to a Docker?  I see that Docker management has been moved inside the WebGUI, but can't find that.  Is there some instructions somewhere?

I see that Docker management has been moved inside the WebGUI, but can't find that.  Is there some instructions somewhere?

You'll find most of the relevant instructions in the stickies in the docker thread, or my repositories thread links to most of them in the OP, and additionally RobJ's wiki on upgrading from v5 to v6 also has some pointers in the docker section

 

 

If your router is capable of VPN, you can access your unRAID from the Internet that way as well.

  • Author

My WNDR4000 supports both VPN passthrough and IPv6.  Is just a standard VPN tunnel through the firewall to the specific ports 192.168.xxx.xxx:23 what I need?

VPN passthrough won't help. It simply allows the firewall to pass VPN traffic for clients inside the network connecting to external VPN's. What your router needs is the ability to be a VPN server.

 

I don't believe the WNDR4000 has the capability with stock firmware, but not certain. DD-WRT or Tomato firmware can do VPN server if the router is capable of running either.

  • 2 weeks later...
  • Author

Ok, I was able to setup port forwarding in my WNDR4000 and forwarded port 80/port 23 traffic to the server internal address and it works great.  Telnet asks for a password - good, however, the webgui does not!  So any hack can hack into my unraid server just by going to the proper port!  I've turned that off for now...

 

Is there a way to setup a password to access unRAID webgui?

  • Author

Just answered my own question.  It didn't require a password because I hadn't put a password on root yet.  Problem solved!  As soon as I had a root password, webgui asks...

Just answered my own question.  It didn't require a password because I hadn't put a password on root yet.  Problem solved!  As soon as I had a root password, webgui asks...

 

It's always great having users solve their own problems, answer their own questions ...    ;D

 

I think I'll take a break now, after all this hard work, providing such great support!

 

It's always great having users solve their own problems, answer their own questions ...    ;D

 

I think I'll take a break now, after all this hard work, providing such great support!

Buy yourself a beer
  • Author

A round for everyone!  Oh, wait, there's still that pesky NIC issue...and the can't delete shares issue...and...no rest for the weary...argh!  No beers for me just yet...

  • Author

And...one more down, turns out the 'cant delete share' is a known issue...  one more down and closer to that beer...  Now the question is dark or light, can or draft, craft or microbrew...so many decisions...  ;)

  • Community Expert

I wouldn't do this without VPN, regardless of how good my root password is. Opening port 80 to the internet is definitely going to have people knocking on your door loudly and constantly even if they can't break it down. If you can't or don't want to do VPN a simpler approach might be to install Teamviewer on another computer on your LAN and get into your network that way.

I wouldn't do this without VPN, regardless of how good my root password is. Opening port 80 to the internet is definitely going to have people knocking on your door loudly and constantly even if they can't break it down. If you can't or don't want to do VPN a simpler approach might be to install Teamviewer on another computer on your LAN and get into your network that way.

+1 I briefly was using my server as an FTP server (with an insanely hard password), and within a day I was noticing intermittent attempts at breaking in.
  • Community Expert

And by people, I actually mean people using automated means to do it so you can expect a lot of attempts very quickly and unceasingly.

CAVEAT EMPTOR: unRAID is not secure, not even for your local LAN. I strongly advise against putting it even within arms reach of the internet.

Not sure what you are trying to do when accessing your server over the Internet.

 

I have been using TeamViewer which allows me to access my Windows workstation remotely. And from there I can do anything I want with my unRAID server.

  • Author

Warnings heard.  :o

 

I have teamviewer and it works great on a PC, I've used it from all over the world to great affect.  However, on an android phone, its not so great.  I did find a telnet app (Juice) that works really well - but only if port 23 was opened.

 

What other options are there to access the webgui (other than tools like VNC, Teamviewer, etc)... 

 

Eventually I want to open up plex to allow friends to access my library, you have to open a port for that (32400 I think), right?  How does one resolve that issue?

Eventually I want to open up plex to allow friends to access my library, you have to open a port for that (32400 I think), right?  How does one resolve that issue?

You're right on plex.  A port does have to be forwarded (or once again use a VPN)  However, (assuming you're running the docker version), if it is possible for someone to completely hack their way through plex and gain access to the files on the server, then at least (if you setup the volume mapping properly), they will only have read only access to your media files, and no access to other files at all.

 

If you open up the unRaid's GUI to the world, a hacker could potentially access all of your files, and delete / modify anything they want.  Using docker mitigates that scenario.

Warnings heard.  :o

 

I have teamviewer and it works great on a PC, I've used it from all over the world to great affect.  However, on an android phone, its not so great.  I did find a telnet app (Juice) that works really well - but only if port 23 was opened.

 

What other options are there to access the webgui (other than tools like VNC, Teamviewer, etc)... 

 

Eventually I want to open up plex to allow friends to access my library, you have to open a port for that (32400 I think), right?  How does one resolve that issue?

 

I use JuiceSSH , please don't port forward port 23 (telnet) that is a script kiddie delight.

If you need command line use only ssh and only ssh.

I have don't  problem with ssh being port forwared with an insanely hard password. take a look at this https://howsecureismypassword.net/ however the teamviewer is a better option if you do not feel safe exposing your unraid box.

 

 

Eventually I want to open up plex to allow friends to access my library, you have to open a port for that (32400 I think), right?  How does one resolve that issue?

You're right on plex.  A port does have to be forwarded (or once again use a VPN)  However, (assuming you're running the docker version), if it is possible for someone to completely hack their way through plex and gain access to the files on the server, then at least (if you setup the volume mapping properly), they will only have read only access to your media files, and no access to other files at all.

 

First going to agree with all the posts that came before, you need to be very careful when attempting this.

 

Two things about fowarding ports for Plex. When you decide to foward this port you are basically relying on Plex to not have exploitable bugs.  This is still true when running Plex in Docker. Docker does help a lot and makes things far better as Squid said, but you are at the end of the day still relying on Docker to be free of exploitable bugs. Last Nov-Dec there was a flaw in Docker which allowed containers to elevate their privileges and break out of their container. This was fixed quickly but to wrap this story up there is alwasy the risk of a new bug / exploit being found in a program you are using. There was a bug in Bash that was found last year that apparently existed for 10+ years.

 

If you foward ports you are taking a risk, but it can be a calculated risk.

Fowarding 32400 for Plex is far less risky, but not free of risk, than say fowarding 80 for HTTP or 23 for Telnet.

 

Edit: Additional note, Emby (competitor to Plex) gives the option of only allowing HTTPS for external connections. This isn't fully implemented in every client yet, but that's the direction they are going. Clients are a bit less mature on Emby in general making using Emby a bit more complicated right now... but that might change in the future as well.

 

I think current best pratice is running a VPN service, and using that to connect to your equipment remotely.

  • 2 weeks later...
  • Author

Apparently, Netgear feels they have solved this problem ;)

 

With regard to your inquiry, NETGEAR router's UPnP feature is enabled by default. It is because there are incoming programs that are active and can be access through your network. When the UPnP is enabled it is not vulnerable for any attacks. NETGEAR routers do have a built-in firewalls. Rest assured that the router is not vulnerable to any attacks.

 

Also, NETGEAR routers DoS attack is also a feature of the router that is by default enabled. If you are seeing on the logs that there is an attack it does not mean that it can affect your local network or connection. It is just giving you a warning or informing you that there is an attack that is coming on your local network.

 

Just love the advice from someone in the philippines...

Apparently, Netgear feels they have solved this problem ;)

 

With regard to your inquiry, NETGEAR router's UPnP feature is enabled by default. It is because there are incoming programs that are active and can be access through your network. When the UPnP is enabled it is not vulnerable for any attacks. NETGEAR routers do have a built-in firewalls. Rest assured that the router is not vulnerable to any attacks.

 

Also, NETGEAR routers DoS attack is also a feature of the router that is by default enabled. If you are seeing on the logs that there is an attack it does not mean that it can affect your local network or connection. It is just giving you a warning or informing you that there is an attack that is coming on your local network.

 

Just love the advice from someone in the philippines...

 

::)

 

I loled.

Warnings heard.  :o

 

I have teamviewer and it works great on a PC, I've used it from all over the world to great affect.  However, on an android phone, its not so great.  I did find a telnet app (Juice) that works really well - but only if port 23 was opened.

 

What other options are there to access the webgui (other than tools like VNC, Teamviewer, etc)... 

 

Eventually I want to open up plex to allow friends to access my library, you have to open a port for that (32400 I think), right?  How does one resolve that issue?

 

I use a variety of methods.  An Apache web server on docker to access certain apps using SSL only and password protected.

 

OpenVPN on my router (you could use it on your Unraid machine - just my router has it build in so super easy) once connected I then use juicessh if I want to use a terminal, or just access my webui via a browser on my phone or tablet.

 

What functionality is it that you need remote access for? Anything in particular?

 

If you don't have a fixed IP then you need some dynamic DNS service which Plex has built in for it's own uses only, as well as Plex I personally use ddclient to update namecheap.com where I bought my domain name to use with Apache.

 

So I can therefore go to https://myserver.com/app

 

Works well for things like Sonarr, couch, NZBGet, Owncloud, COPS E-book library.

 

I then use NZB360 and the owncloud client on my android.

 

Not necessarily straight forward to set up to but rewarding.

 

I have an asus rt-n66u which is running asus wrt-merlin firmware, it is very close to stock firmware and pretty much endorsed by asus, setting up the VPN on this is such a breeze, set user and password then it lets you export the certs to use on another machine with a client..i FTP and access the unraid GUI through the VPN

I have an asus rt-n66u which is running asus wrt-merlin firmware, it is very close to stock firmware and pretty much endorsed by asus, setting up the VPN on this is such a breeze, set user and password then it lets you export the certs to use on another machine with a client..i FTP and access the unraid GUI through the VPN

 

Yeah, I've got a AC-68U, can't run Merlin firmware as it has a built in modem, but OpenVPN setup is a doddle.

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.