Advice on Network attached Storage??

Ya I have a 1TB OneDrive that comes with my ~$10 a month Office subscription but 1TB goes pretty fast. 3 iPhones taking 4K video non stop, backups for half a dozen PCs, etc

If you think OneDrive and Google drive are “secure”, I’ve got bad news for you. The only secure storage is local.

Excellent point!

My NAS has 2 drive slots, but I bought 3 total drives. First drive is storage, second drive will be a duplicate of that. Third drive will be installed periodically to be a copy of the first. That third drive will live in my safety deposit box at the bank. I do the same thing with my SSDs that contain operating systems and programs. Years ago I did a proper install of all my programs on an SSD. That is my “master copy”. From there I cloned that drive to two other SSD and they run in my house and shop computers. Every now and then I clone the main shop computer to yet another SSD to have a backup copy the “updated” system.
.
.
I realize how all that cloning must sound sketchy or unreliable, but so far I have never had any problems with it as long as I run the same type of drives, and you absolutely must take the cloned drive and boot it from the original computer (in my case the shop pc) and let everything level out and debug a few minutes before plugging that drive into any other computer. Of course any paid software must be re-keyed if you put it into another PC, but I started with a hard copy of windows so no problems with the OS.
.
.
Question:
I am thinking about using the same router that runs my internet for the system rather than creating an air gaped network using a second router. If I plugged the NAS into the router using LAN. Then plugged two computers into the router using LAN cables to give both PCs access to the data pool in the NAS. Am I correct in assuming that the data traveling across those cables would NOT be using my internet data? But the computers would still have internet access through those same cables if I did go online right? If that is correct I am thinking I will just create the VPN for security and then also I could access the NAS remotely using the VPN?

Data can move across those cables in the local area network (“LAN” or “your house” if you prefer) without touching the internet or your data cap. Unless you block it, they’ll also be able to talk to the internet.

Basically, they’ll be part of the same LAN as the Wi-Fi devices unless you do something to separate them.

A VPN is a virtual private network that is used to communicate across two or more private networks as if they were one. It generally works in both directions.

You can use a VPN to hide the true destination of your traffic from your ISP (what most people are talking about when they say “get a VPN” these days) or you can use it for secure remote access since the data flowing across the VPN will be encrypted. I’m not sure that your ISP router would support it, but you could use OpenVPN or wireguard to set up a VPN for remote access from one of your computers for free.

I was thinking today that I can plug my NVIDIA shield directly into the NAS with a USB 3.1 cable so that i won’t have any issues with enough bandwidth. The shield will be sitting right beside the router and NAS, with an HDMI and CAT8 going up through the ceiling into my media room and plugged into my 4K Laser projector… This will be so sweet

My network struggles if I’m streaming a large 4K HDR Atmos video across my network

.
If my ISP router is a turd and I cannot set up for remote acess to the data on my NAS. Would I still be able to keep all of the data secure where guests accessing the wifi network would not be able to get into it? Or is it an all or nothing deal, either your router supports VPN or it does not?

Sorry to be a bit late replying…

It’s a thoroughly trimmed down Debian Linux distribution, apparently. The file system is either EXT4 or BTRFS.

If your NAS are Synology, then it like computer and you can protect access to it with username and password.
VPN are for other things.

Matik’s point is a good one, that you will be able to set up access control (via username/password ) on most NAS devices.

VPNs are more for remote access (like if you take a trip, but need to work on some of your files at home from the road), or privacy on networks you don’t control (if you’re out and about, and need to access your bank account over some public Wi-Fi or hiding your activity from your internet service provider).

Your router may have a “guest mode” for your wireless network, which would be the easiest way to protect your network from untrusted devices connected to the Wi-Fi. Typically “guest mode” will isolate each wireless client connected to the guest network so that they can only communicate with the internet and not anything on the local network. This, plus password protection on the NAS should be pretty good for anyone you’d trust in your house but not on your network. If you don’t have a “guest mode” option, you could get a device called an access point that would have that feature, and run your Wi-Fi network off of that instead of your router. I like the Uni-Fi AP AC Lite for about $100. You’d have to run a cable from the router to a central location in your house and mount it to the ceiling like a smoke detector.

It looks like there’s a way to run an OpenVPN server right on a synology NAS Set up OpenVPN Server on Synology NAS – Tyler Woods

I’m not knowledgeable on network stuff though… I’d love to be able to securely tunnel into my home network

The VPN functionality is another reason why I plug Mikrotik routers, they come with VPN functionality built-in:

I use SyncThing. That’s going to make all your file access local, and synchronizing just runs in the background. That means synchronization may not be instantaneous, but except for huge files, by the time you get up and walk to the other computer, they’re usually going to be up-to-date.

ETA: Syncthing is like your own private dropbox optionally using the NAS as a central server/backup.

That only works if you have enough space on all your PCs/laptops for a local copy of everything. I don’t have a Synology, but according to DDG, syncthing can run on it.

I’ve never had a network and drive fast enough to let me do video editing on a remote mount. Even raw photo editing is sluggish over the Wifi for me, so I avoid the “one server with everything mapped to the same drive” approach, but it might work for you.

@manithree: I’ve read a lot about SyncThing, looks like a great product. How CPU and RAM intensive is it? The problem for me is that my NAS is extremely under-powered, basically enough for the kernel and SMB and rsync to run and not much else.

That’s a good point actually. Same experience for me with WiFI. But the thing for me is that I need different data on different machines, my main workstation needs to have a local copy of most of the important files as well as any heavy projects that I’m currently working on, and I would want most of those same folders to be duplicated on the NAS. But then my auxiliary laptop might only need occasional access to some of those files. I guess I could choose with SyncThing different folders to be synced on different machines right? And only 1-way syncing too?

The only time I’ve had a problem with that is on Android. If I leave it running I notice the battery drain. I usually just start it when I want to sync, then stop it.
On my desktops, I’ve never even seen it show up in top. Compared to Crashplan, it’s trivial.

Besides using some battery on Android, my only other issue with syncthing is that it has a power user interface. Yes, you can have multiple shares, choose 1-way or bi-directional synch. It is VERY flexible. A little confusing at first, but once you get it set up, it just works.

I have my two desktops synchronizing with each other and my htpc. The htpc is the “backup” but if it’s down the 2 pcs keep right on sharing. And I have a small share for things I want to share with my phone.

Cool, thanks @manithree, good to know that.

HA! I happen to have a Mikrotik. They’re amazing but they’re also a royal pain in the butt to program and setup if you’re not a CCNA or something.

I’m using SynologyDrive to sync files between my computers and back them up. Best thing I’ve found about it thus far is that it is a LOT faster than GoogleDriveShareFileWhatever-its-called-now. I shouldn’t be surprised that it is faster since the storage is local…

:smiley: True enough. Under the “Quick Set” tab you can get most of the common functionality working with a few clicks like in any other router. But anything beyond that does get a bit arcane.

Wow that looks amazing. So you can easily access your files remotely without the hassle of VPN’ing into your home network? I’m like out of space on all my drives. So tempted to grab the D18 you guys showed me and some of the 18 TB helium drives

I wonder if it’s possible to stream music from the Synology NAS to my iPhone that way?

Mikrotik has some good stuff. I have come across a few here and there and they give a nice feature set for the money.

I’ll typically install Ubiquiti gear (Edge series over UniFi typically) when I’m on a budget for similar reasons. You can run OpenVPN directly on an Edgerouter lite and it’ll route 1M packets per second. A lot of the setup is command line though, so it’s hard to recommend for someone that doesn’t already know what they are doing or at least a desire to learn. In my case I have scripts for common setups and all I have to change are the relevant IP addresses then run the script. Makes setup super quick and repeatable for how I use them.

I think in OP’s case, using LTE means he probably has to contend with CGNAT and a VPN probably won’t work without an endpoint outside his network to keep the connection open (or get a static IP from his ISP if available).

Something like ZeroTier might work if he needs layer 2 esque networking when remote. The free offering allows 50 “network members”, which would be plenty.