Avro
Dabbler
- Joined
- Mar 14, 2015
- Messages
- 11
HI;
Running 9.3 as a home NAS. I have multiple 'shares' that correspond to mapped network drives on my PC. In the house, I also have two LANs, one for the important stuff, one for guests and other things I don't fully trust. Both are managed through a separate gateway machine.
I recently purchased an Android TV box and have it connected to the guest LAN. I'd like to give it access to my media files (music, etc.) on the FreeNAS server, but without having the TV box connected through the private LAN. So, I configured the second NIC on the FreeNAS server and plugged it into the guest LAN. I also created a user account for the Android device.
So far so good. I can used a File Explorer app on the TV box to access the music and video files.
The trouble is that when I logged in, it (Android) could also access some of the other shares on the NAS. This is specifically what I don't want. In attempts to lock things down, went through each share on FreeNAS and restricted the entire guest LAN sub-net (192.168.x.x/24), except the media share, in which I specifically allowed the IP of the Android box.
Still working, and although I (...it) can 'see' the other shares - they show up as folders on the screen in the explorer app - the box can't access them.
Is there a simpler way? Can I not just create a 'user' that has read-only access to just one folder, and no access to (not even viewing) anything else? As it stands now, the Android box CAN delete files.
Thanks in advance!
Running 9.3 as a home NAS. I have multiple 'shares' that correspond to mapped network drives on my PC. In the house, I also have two LANs, one for the important stuff, one for guests and other things I don't fully trust. Both are managed through a separate gateway machine.
I recently purchased an Android TV box and have it connected to the guest LAN. I'd like to give it access to my media files (music, etc.) on the FreeNAS server, but without having the TV box connected through the private LAN. So, I configured the second NIC on the FreeNAS server and plugged it into the guest LAN. I also created a user account for the Android device.
So far so good. I can used a File Explorer app on the TV box to access the music and video files.
The trouble is that when I logged in, it (Android) could also access some of the other shares on the NAS. This is specifically what I don't want. In attempts to lock things down, went through each share on FreeNAS and restricted the entire guest LAN sub-net (192.168.x.x/24), except the media share, in which I specifically allowed the IP of the Android box.
Still working, and although I (...it) can 'see' the other shares - they show up as folders on the screen in the explorer app - the box can't access them.
Is there a simpler way? Can I not just create a 'user' that has read-only access to just one folder, and no access to (not even viewing) anything else? As it stands now, the Android box CAN delete files.
Thanks in advance!