I can’t find a way to mount my NFS share, in my Windows 10 client, using the Rockstor NAS public IP, which has correctly exposed over the internet. I can succesfully mount it in an Ubuntu VM (hosted by the same windows machine that can’t mount) and I can succesfully mount it using its local area network IP (when the machine is in the same LAN). I get a “Network Error - 53”, which seems to be a “network path was not found” error. So Maybe the problem is how I pass the NFS path to the “mount” command, but after many different ways, I still can’t find the right path pattern.
Detailed step by step instructions to reproduce the problem
Installed NFS services client on Windows client;
Created the NFS share via Rockstor web gui;
Activated the NFS service via Rockstor web gui;
Forwarded ports 111 and 2049 on my router on my Rockstor NAS machine;
Succesfully test connectivity from the Windows client OUTSIDE the LAN (over internet), pinging the
Rockstor NAS public IP and doing a Telnet on the same public IP on the 2 different forwarded ports;
Succesfully mounted the NFS share while INSIDE the LAN, using the following command: " mount
[local_ip]:/export/[share_name] Z: ";
Launching the following command to mount the NFS share through the public ip: " mount
[public_ip]:/export/[share_name] Y: "; LEADS TO Network Error -53
Tried different ways to pass the path, with slashes, double slashes, backslashes, etc, but with no
success;
Fired up a VM, hosted by the same Windows machine, tried to mount the NFS share through public
IP and it works flawlessy;
Web-UI screenshot
nothing much to post, just the windows command prompt which returns the Network Error -53
Error Traceback provided on the Web-UI
don’t have idea on how to provide this information
@sanviler welcome to the Rockstor community.
While I don’t have any further advice on why it’s working on the VM vs. an actual system (other than ensuring that your firewall rules are not interfering), I do have a question:
Is there a particular reason, you want to have NFS shared over the public internet? Fundamentally, NFS is not considered quite secure without additional precautions, e.g. like it is described here:
Have you considered using VPN (e.g. the WireGuard Rockon, or native WireGuard that is offered with the latest test release), or is your use case for “anybody/any device” (that you want to) to access the NFS shares externally?
I know that a shared NFS over internet is an horrible and awfully insecure practice, but I just wanted to experiment a thing (having all of my roms shared among all of my retrogaming devices which I could use even outside my home network) and I will certainly achieve this, like you suggested, using a VPN client. I first wanted to see if it was possible to access that content from the internet.
Anyway, just some mintues ago, I finally found out the solution, that as always in this case, was too obvious and simple to have think about it at first: windows needed a 3rd port, in the router/firewall, to be forwarded to the NAS. That is the port 20048. Once I forwarded it, I finally managed to mount the share using ALSO the NAS public IP.
I hope this could be helpful to someone that struggled with this same problem of mine!
My experiments are finally over and now it is time to properly setup a VPN, as you kindly suggested. I am trying to configure WireGuard (I’ve found a installable service among the Rock-Ons), but I’m a little stuck on the client side.
I managed to create a tunnel between my PC and the Rockstor unit, but I can’t get any export list, when I do "showmount -e ‘rockstor-vpn-ipaddr’. Could you please guide me, or address me to some resources that I could read/watch, to make this happen?
My client PC is running Windows 11. Ask for any info you need please.
My assumption is that once the tunnel is open, you use your internal Rockstor IP address (i.e. if for example within your network it is 192.168.1.222, after creating the tunnel you should also be able to address it with 192.168.1.222 and not the public VPN address you exposed to the internet). At least that’s how it works for me (I’m not using NFS mounts, but for Samba it works that way for sure).
Can you get to the Rockstor WebUI using the internal IP address when the tunnel is up?
@sanviler Thanks for all this feedback by the way. And glad you got your NFS via VPN working as planned.
Incidentally; re:
@Hooverdan submitted this same Rock-on, among many others as it goes. And has also since, submitted an update. Thanks again for all your efforts across the project @Hooverdan .