How can I access my Time Capsule remotely?

apple.stackexchange https://apple.stackexchange.com/questions/350386

  •  29-04-2021
  •  | 
  •  

Question

Can someone please educate me on exactly how I can access my Time Capsule from any other network aside from my own (over the Internet?)

I don't have a static IP address, so would I need DNS forwarding? Would it involve checking my home network's IP while away? Should I get static IP?

Many thanks!!

Was it helpful?

Solution

If You Have a Time Capsule or an AirPort Extreme Base Station with Shared USB Hard Drive

If you have either a Time Capsule (which is basically an AirPort Extreme Base Station with a built-in 500 GB or 1 TB hard drive) or an AirPort Extreme Base Station (AEBS) with an attached USB hard drive, you can share out the Time Capsule/AEBS hard drive and make it accessible via the Internet. To do this:

  1. Start the Airport Utility.

  2. Select your Time Capsule or AEBS. Make a note of the IP Address shown on the right -- you will need it later.

  3. Click Manual Setup.

  4. Check your "Connection Sharing" setting under the Internet Tab. The following tutorial is valid if your "Connection Sharing" is to "Share a public IP address", the normal setup for a home network. You will need to have a static IP address, or use a free dynamic DNS service. If you have a different type of "Connection Sharing," you probably don't need a tutorial to set up remote access to your disk; adapt this one as needed.

  5. Click Disks (at the top of the dialog box), and then click File Sharing.

  6. Select (check) the "Enable file sharing" checkbox and the "Share disks over Ethernet WAN port" checkbox. It is strongly recommended that you also set Secure Shared Disks to "With base station password" and Guest Access to "Not allowed"; not making these changes may allow unauthorized users to access your Time Capsule/AEBS hard drive.

  7. Click Airport (at the top of the dialog box), and then click Base Station.

  8. Enter a Base Station Password and verify it in the Verify Password box.
  9. Click Advanced (at the top of the dialog box), and then click Port Mapping.

  10. Click the plus sign (+) to add a new port mapping.

  11. In the Public UDP Port(s) and Public TCP Port(s) boxes, type in a 4-digit port number (e.g., 5678) that you choose. In the Private IP Address box, type the internal IP address of your Time Capsule or AEBS that you wrote down in step 2 (for example, 192.168.0.1). In the Private UDP Port(s) and Private TCP Port(s) boxes, type 548. Click Continue.

  12. In the Description box, type a descriptive name like "Time Capsule File Sharing" or "AEBS File Sharing". Then, click Done.

  13. When you have made all changes, click Update.

Your Time Capsule/AEBS will restart. Once it does, you are now ready to connect to the Time Capsule/AEBS hard drive via the Internet. To do this when your MBA is away from home:

  1. In the Finder, click Go > Connect to Server.

  2. Type in the correct domain name or external IP address for your network, plus a colon and the port number you specified in step 11. For example, "www.myhomedomain.com:5678" or "123.123.12.123:5678".

  3. Click Connect.

  4. You will be prompted for your user name and password. The user name can be anything you like; the password should be the password for the Time Capsule/AEBS which you specified above.

  5. Click Connect.

Voilà! You are now connected to your Time Capsule/AEBS hard drive from your MBA. You can access files, copy files back and forth between your MBA and the hard drive, delete files, whatever you want, as long as your MBA remains network-connected. The next time you go to connect, it should go even more quickly (especially if you save your password in your keychain, and if you add your home IP address/domain name to your list of Favorite Servers in the Connect dialog box).

Note that the Time Capsule/AEBS will appear in the Shared section of your Finder's sidebar as a server, with the Base Station Name of the Time Capsule/AEBS as the server name.

Taken from http://forums.dealmac.com/read.php?4,2800627

Additional Info:

I know port forwarding can be a big hassle so I thought I would add that you could also use apple's built in "Back To My Mac" feature. This way you can access your Time Capsule's files as well as accessing you home mac files and screen share with your mac over a secure connection.

Try this article: https://support.apple.com/en-gb/HT204618

OTHER TIPS

I believe the AEBS port should be 5009 for access via Airport Utility. I set up a test network with a Linksys WRT160N router in the middle, and an AEBS and my MacBook connected to LAN ports of the WRT160N. I ran Airport Utility on the MacBook, then tried "Configure Other" (from the File menu). I got a prompt for the IP address and password of the AEBS. I was able to successfully connect when I entered the IP address 192.168.1.2:5009 or just 192.168.1.2, but the connection failed if I tried 192.168.1.2:548.

Next I connected to a "live" WRT160N over the internet. I configured a port forwarding entry (using "Applications & Gaming") for 5009, to forward to an AEBS behind the WRT160N. Then I ran Airport Utility, did another Configure Other, and BINGO! It worked. When I tried the same process using port 548, it failed.

Maybe 548 is the port to use to access files on a Time Capsule, or a disk attached to an AEBS?

Here're 4 methods found on Apple discussion board, https://discussions.apple.com/docs/DOC-3413

You have to set up port forwarding or a NAT on your home internet router mapping the port to the internal ip address of your time capsule.

I would absolutely not do this because the connection from your local machine on your "other network" to your home router/gateway (and also therefore Time Capsule or AEBS) is insecure. [note: this is true even though you can securely remotely configure your Time Capsule or AEBS via AirPort Utility because that connection is most certainly secure/encrypted]

  1. passwords are being sent over the wire, they are probably encrypted, but potentially they are not
  2. files/backups are being sent over the wire, they are very likely not encrypted, though they may be
  3. even if your passwords and files are encrypted, without a secured/encrypted session (such as TLS/SSL/WireGuard) you are vulnerable to a man in the middle replay attack

The proposed solution is insecure.

Much Better Solution: You need to add in either a hardware VPN or a software VPN (running on a computer on the LAN). For most consumer (non-business) use cases, you are going to want a software VPN. It is ideal that this VPN is at the edge of your network so unauthenticated users cannot get beyond the VPN onto your network.

OK, now things just got messy because now you need to know about VPNs, and thats not simple. That's probably why this feature (access files remotely over WAN/internet) was not promoted (even if it has minimal insecure support). So my explanation will stop here. Best of luck!

Worked immediately in a iPhone: https://www.stratospherix.com/support/getting-started-with-timecapsule.php

Licensed under: CC-BY-SA with attribution
Not affiliated with apple.stackexchange
scroll top