How to set up a remote NAS using OpenMediaVault and Meshnet

Learn how to set up a remotely accessible NAS using OpenMediaVault and Meshnet.

Introduction

Having a robust network-attached storage (NAS) solution is vital in today’s digital landscape. Whether for personal or professional use, such a system is essential for storing and managing important files, including legal documents, invoices, or family photos and videos.

A frequent choice for a NAS solution is the free and open-source software OpenMediaVault (OMV). It’s an easy-to-use and highly customizable file-managing system that does not require extensive technical knowledge to set up. In addition, OMV offers web-based management, user and group access control, and plugin support for extending its functionality.

However, accessing shared folders on your NAS is typically limited to the same local area network (LAN) when ports are not opened on your router. Thankfully, with Meshnet, you can connect to your NAS remotely without compromising network security. Meshnet allows using encrypted network tunnels to share data between your NAS and your end devices.

This guide describes how you can use OpenMediaVault to set up a remote NAS and access it using Meshnet.

Installing OpenMediaVault

There are several ways in which you can install OpenMediaVault. This article demonstrates installing the OpenMediaVault 7.4.0-2 (Sandworm) operating system in a virtual environment. However, the setup procedure is the same on bare-metal machines.

  1. Download the ISO installation image from the OpenMediaVault downloads page.

  2. Follow the instructions in the Installation using an ISO image article in the OpenMediaVault documentation to complete the installation.

For alternative installation methods, see the OpenMediaVault documentation.

Install available updates

After installing the OMV, you should update it by accessing the NAS using an SSH connection. SSH access for the user root is enabled by default. To install the updates, follow these steps:

  1. Open Command Prompt (on Windows) or Terminal (on macOS and Linux).

  2. Connect to your NAS via SSH by running this command, where <server> is the local IP address of the NAS:

    ssh root@<server>

    Example

    ssh root@192.168.1.56

  3. Enter the root password you created during the installation process.

  4. Run this command to gather and install all available updates:

    apt update && apt upgrade -y

  5. During the update process, you may be asked for keyboard inputs. Choose your input according to the on-screen information.

  6. Once the updates finish, reboot your NAS.

Configuring a NAS

OpenMediaVault has an intuitive web interface that allows you to configure various folder-sharing options. To access the web interface:

  1. Open your internet browser.

  2. Enter the local IP address of your NAS to the internet browser and press Enter. Example 192.168.1.56

  3. Log in to the administrator account using the default OpenMediaVault web interface credentials.

    • User name: admin

    • Password: openmediavault

Now you have full control of the NAS from within your internet browser.

Change the default password

First, make sure to change the default password of the OpenMediaVault web interface to minimize the risk of unauthorized access.

  1. Click User settings > Change password in the upper-right corner.

  2. Enter your new password in both fields and click Save.

Personalize your dashboard

Once the password has been changed, you can customize your OMV dashboard. The dashboard allows you to monitor the status of various essential services.

  1. Head back to your dashboard by clicking the Dashboard tile.

  2. Click the settings page link.

  3. Select the widgets you want to see on your dashboard and click Save.

All of the selected widgets are now visible on the OpenMediaVault dashboard.

Check disk availability

Before changing any further settings, it is essential to check if OpenMediaVault can see your storage mediums. You can do so by going to Storage > Disks.

If any of your storage devices are not displayed, click the Scan for new devices button and select Yes to confirm.

Set up a file system

Note

If you use more than one disk for storage, you should configure a redundant array of independent disks (RAID).

In the OpenMediaVault web interface, RAID options can be found in Storage > Software RAID.

A file system is a method that an operating system uses to manage data on a storage disk. Without setting up a file system for your storage medium, you cannot share any folders as they will not be recognized as directories by the operating system.

To set up a file system:

  1. Go to Storage > File systems.

  2. Click the Create and mount a file system button and select a file system, for example, EXT4.

  3. Select your storage from the Device dropdown and click Save.

  4. Wait for the process to finish and select Close.

  5. Choose your created file system from the File system dropdown, add any relevant tags, and click Save to mount the file system.

  6. In the Pending configuration changes panel, click the Apply button.

  7. Select Yes to confirm.

The file system is now mounted on the operating system, and you can view it in the File systems section.

Create shared folders

With the file system ready, you can start creating shared folders.

  1. Go to Storage > Shared folders.

  2. Click the Create button.

  3. Fill in the required information.

    • Name: Enter any name for your shared folder.

    • File system: Select the file system you have set up.

    • Relative path: Enter a custom path to the folder you want to share. This section is filled in automatically after entering the name.

    • Permissions: Choose what permissions people accessing the shared folder have.

    • Tags: Add any relevant tags.

  4. Click Save.

  5. In the Pending configuration changes panel, click the Apply button.

  6. Select Yes to confirm.

Your shared folder should now appear in the Shared folders table.

Enable sharing services

Though the shared folders have been created, they are currently inaccessible since no folder-sharing services are active. To enable sharing for your created folder:

  1. Go to Services > SMB/CIFS > Shares.

  2. Click the Create button.

  3. Make the following adjustments:

    • Shared folder: Select the folder you created earlier.

    • Public: Select No to allow only authenticated user access.

  4. Click Save.

  5. Navigate to Services > SMB/CIFS > Settings.

  6. Select the Enabled checkbox at the top to enable SMB/CIFS sharing and click Save.

  7. In the Pending configuration changes panel, click the Apply button and select Yes to confirm.

Your shared folders are now fully set up and functional.

Note

If you wish to use your shared folder for macOS Time Machine backups, select the Time machine support option when enabling SMB/CIFS for the folder.

Creating new user accounts

Currently, shared folders can only be accessed using the administrator account credentials, which is not recommended. A better and safer approach is to create individual user accounts for each person accessing the NAS. This ensures that your administrator credentials remain private and minimizes the risk of unauthorized access to the NAS.

  1. Go to Users > Users.

  2. Click the Create | Import button and choose Create.

  3. Fill in the following fields:

    • In the Name field, enter a username for the new account.

    • In the Password and Confirm password fields, type in a secure password for the new user. Example

  4. Click Save.

  5. In the Pending configuration changes panel, click the Apply button and select Yes to confirm.

The newly created account should now be displayed in the Users table.

Setting up NordVPN

To allow remote connections to the NAS, you need to install NordVPN and enable Meshnet. Since the OpenMediaVault operating system is based on Debian, you can install and use the Linux version of the NordVPN app hassle-free.

Install NordVPN on the NAS

Follow these steps to set up NordVPN on your NAS:

  1. Access the NAS using SSH.

  2. Download and install the NordVPN app for Linux by running the command below.

    sh <(wget -qO - https://downloads.nordcdn.com/apps/linux/install.sh)

  3. Log in to your NordVPN account.

Log in to NordVPN

You can log in to your NordVPN account without the use of a graphical user interface (GUI) in two ways:

  • By running the nordvpn login command with the --token flag

  • By running the nordvpn login command with the --callback flag

Instructions for both methods are outlined below.

Log in using a token
  1. On any device, log in to your Nord Account dashboard and select the Meshnet (by NordVPN) card.

  2. Under Manual setup, select Set up NordVPN manually.

  3. Enter the verification code sent to your email address.

  4. Under Access token, click Generate new token.

  5. In the dialog that appears, choose either a token that expires in 30 days or one that never expires, and then select Generate token.

  6. Select Copy and close.

  7. On your NAS, run the nordvpn login --token <your_token> command, replacing <your_token> with the copied token. Example

    nordvpn login --token 3fe460cefb8dcf1478c92e45903cec9f9bdbadf7a456a6dfb35dc2c58ee39d5b

You should now see a welcome message.

Log in using a URL
  1. Run the nordvpn login command.

  2. Open the provided link in your browser on any device.

  3. Complete the login procedure.

  4. Right-click the Continue button and select Copy link address.

  5. Run the nordvpn login --callback "<URL>" command, replacing <URL> with the previously copied link address. Example

    nordvpn login --callback "nordvpn://login?action=login&exchange_token=MGFlY2E1NmE4YjM2NDM4NjUzN2VjOWIzYWM3ZTU3ZDliNDdiNzRjZTMwMjE5YjkzZTNhNTI3ZWZlOTIwMGJlOQ%3D%3D&status=done"

You should now see a welcome message.

Tip

To preserve your token when logging out of the NordVPN app, use the nordvpn logout --persist-token command. Otherwise, your token will be revoked.

Enable Meshnet

On your NAS, enable Meshnet on Linux by typing in this command:

nordvpn set meshnet on

To view the Nord name and Meshnet IP address of your NAS, enter the following command:

nordvpn meshnet peer list

Example

You will also see the list of your linked devices that can access this NAS over Meshnet.

Connecting to the NAS over Meshnet

Your Meshnet devices should now be able to access the shared folders you have created on your NAS. To access the shared folders from your NAS, use this format <server>/<shareName>, where <server> is the Nord name or Meshnet IP address of the NAS and <shareName> is the name of the shared folder.

Example

secret.meerkat-alps.nord/MeshnetStorage

For detailed, OS-specific instructions on accessing shared folders, see the following articles:

Additionally, you can access the OpenMediaVault web interface over Meshnet by entering the Nord name or the Meshnet IP address of the NAS in your internet browser’s address bar.

Example

Last updated

© 2024 Nord Security. All Rights Reserved.