mailmonster Posted July 3, 2019 Share Posted July 3, 2019 Hello Community I just moved from a qnap nas to an unraid trial. I am really excited because of all the possibilities being offered. However i am missing one thing maybe someone can help me here. On the qnap nas i could install a virtual machine and directly access it via the webgui from internet using only an external 443 redirect to the nas webgui. Within unraid when i create a vm and click on webui it always uses the internal ip so from internet it does not work. I installed nginx proxy manager and created a reverse entry for the unraid webgui but still somehow the configuration would need to be changed so that the vnc traffic can be encapsulated in the nas official ip address and port 443. I hope i could explain the problem . Thanks for any feedback and greetings from germany. Chris Quote Link to comment
JonathanM Posted July 3, 2019 Share Posted July 3, 2019 Currently Unraid is not certified for exposure to the internet, so your best bet is to access everything just as you would locally is via a VPN hosted inside your lan, either on your router, or another device within the network. That said, the easy way is to install teamviewer or some other hosted remote access software inside the VM itself. There are a million ways to accomplish what you are asking, with varied degrees of security. Quote Link to comment
mailmonster Posted July 4, 2019 Author Share Posted July 4, 2019 Thanks for your answer. I think I have to be more precise (means typing not on my smartphone 🙂 to narrow down the million ways. What I want is a complete web based accessibility for the following services that unraid provides webbased when connected in LAN or VPN - Shell access to unraid - graphical access to file manager (e.g cloud commander or command line based midnight commander) - webbased access to virtual machines without any client need (at lest VNC, eventually RDP for windows machines) - reverse proxied access to other webbased services in the LAN e.g. router or other nas system during transition to unraid (forced ssl and frontend authentication) Given the linux based possibilities I would say this can all be accomplished with NGINX reverse proxy manager (already setup) and Guacamole I would currently pursue the following route: Create reverse proxy entries for all web based services that I want to be accessible from extern (e.g. the unraid gui itself ) which means force ssl and letsencrypt certificate and eventually some addon layer of authentication which I do still have to find out like some two factor app on the smartphone When I access the unraid gui from external via nginx it works but the webbased shell access gets no input screen also the url shown in the small windows has changed to the external name. I tried to create a reverse proxy entry and not use the upper right button but also failed until know. I would leave it to that and try guacamole web based ssh access. Guacamole portal itself I will also publish like the unraid webgui via nginx Next issue is webbased vnc access. I would love to have it the following way but I am not a programmer: - click on the vm icon, select webgui of the respective machine and get an embedded vnc window like it does internally but also from the internet. I already left that path and tried to create a nginx reverse proxy entry using different url combinations of the one I got internally when connecting to the test linux vm but failed up to now. So I guess again guacamole might be the better way. to sum it up : as it is not possible to natively use all the links directly from unraid to the webbased services I would tend to build se html5 portal based on guacamole and nginx with ssl and two factor auth to get to all internal webbased services If it was not for power consumption and time I would create a virtual sophos firewall vm which already provides an html5 portal for doing the same any other better ideas / addons / suggestions ? kind regards chris Quote Link to comment
itimpi Posted July 4, 2019 Share Posted July 4, 2019 I am not sure why the suggested VPN based approach does not work for you? It is a well tried method of getting secure access to an Unraid server with the minimum of setup effort. Maybe I am missing something about what you are trying to achieve? I personally establish a VPN link to my home LAN when away from home and then access services just as I do when at home and locally connected to my LAN. Since my router does not have a VPN server built-in I use Unraid itself to host the VPN server (using the OpenVPN-as docker container). This way a single solution gives me access to all my services running at home. Quote Link to comment
1812 Posted July 4, 2019 Share Posted July 4, 2019 (edited) 5 hours ago, mailmonster said: If it was not for power consumption and time I would create a virtual sophos firewall vm which already provides an html5 portal for doing the same I run sophos as a vm on Unraid for my firewall. Uses hardly any extra power and wasn't that bad to setup. There is a thread on here with specifics. But really, vpn is the way to go for simplicity. Edited July 4, 2019 by 1812 Quote Link to comment
mailmonster Posted July 4, 2019 Author Share Posted July 4, 2019 Hi thanks for the answer. Unraid management is not a problem via vpn. I use a fritzbox from avm with built in vpn together with the built in vpn client on my android phone. However i want to be able to access a webbased desktop at home from any internet connected browser without vpn . At least vnc if possible also rdp. So this means i guess guacamole or sophos Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.