Jump to content

Recommended Posts

carlanoid132
Posted

cant connect over remote unless on the internal via tailscale or something like that. realistically want it linked to my domain and be able to remote connect safely without other clients needing anything but emby. i have port forwarded all relevant ports to the correct internal ips. tried mullvad and proton for vpns but they dont offer a dedicated open port for me to use. using canyouseeme to check if ports are open shows nothing but either refused or time outs on the ping. thanks for reading 

Posted

Hello carlanoid132,

** This is an auto reply **

Please wait for someone from staff support or our members to reply to you.

It's recommended to provide more info, as it explain in this thread:


Thank you.

Emby Team

carlanoid132
Posted

following up quickly. i have considered using caddy/ nginx reverse proxy but it is genuinely just so overwhelming at this point. just wanna be dome with it tbh lol. i own a domain through cf and thats about it for setup.  

Q-Droid
Posted

This might get you pointed in the right direction, the CF tunnel part, not Emby Connect.

 

carlanoid132
Posted

thanks. i've read that it isnt the best to use cf as a tunnel as opposed to a nginx reverse proxy but i still gotta figure out how to pass this cgnat properly im guessing. actually being able to connect remotely without tailscale and stuff.

Q-Droid
Posted (edited)

CF tunnel is the component to use when CGNAT is a problem. It's purpose is similar to Tailscale. A reverse proxy serves in a different role and will not circumvent CGNAT.

CloudFlare has a suite of services. Proxy, Tunnel, WAF, CDN, Security, etc.

 

 

Edited by Q-Droid
pwhodges
Posted

A reverse proxy is not a tunnel, so won't solve this anyway.

CF tunnel or TailScale are the most recommended solutions.

Have you tried simply asking your ISP if they can give you a routable (i.e. not cgNAT) address?  Some people have had success with this.  I don't know if some ISPs would charge for it, but certainly some users here have reported getting it without a charge.  In some cases it's been a DHCP address, so some kind of DDNS has been required to follow any address changes.

Paul

carlanoid132
Posted

i think its dhcp but they wont let me open any ports at all on my network. the rules are there they just dont apply lol. i have a router downstairs in router mode with a ap in my room connected. the ap is setup with a static route and is fowarded correctly so it isnt a issue there. it literally will refuse any connection outside the network even if i open the port. same for windows firewall ect ect. so moving onto the cf, will they not ban my account for using it to run emby through. i saw reports of cached media leading to account deletions which is why i considered a nginx reverse proxy instead. i am very new to this part of stuff. should i just run the cf tunnel software on my host pc which the emby server is on? thanks again

Q-Droid
Posted

Make sure you don't have double NAT going on. Is the router yours or the ISP device? 

 

mohoelx
Posted

I would wonder why not just use Tailscale? I was using it a couple of years with T-Mo home internet before I switched to fiber when it bcame available in my area.

 

carlanoid132
Posted
15 minutes ago, mohoelx said:

I would wonder why not just use Tailscale? I was using it a couple of years with T-Mo home internet before I switched to fiber when it bcame available in my area.

 

more faff and effort for the enduser. the people on this server struggle to download emby, nevermind login to tailwind.

carlanoid132
Posted
4 hours ago, Q-Droid said:

Make sure you don't have double NAT going on. Is the router yours or the ISP device? 

 

i have my isps router in modem mode, connected to my own main router. which then goes upstairs to my second router. second router is set as AP

Q-Droid
Posted (edited)

If you're certain that it's CGNAT at the ISP and not double NAT at home then your options are VPN/tunnel offerings like Tailscale, CF tunnel or other VPNs that offer inbound port forwarding.

Edit: or as mentioned before static IP or other options from the ISP that might put you on a public IP.

 

Edited by Q-Droid
pwhodges
Posted
6 hours ago, carlanoid132 said:

i think its dhcp but they wont let me open any ports at all on my network.

At this point DHCP is irrelevant.  The question is whether they are simply blocking all incoming ports by policy, or have implemented cgNAT which blocks any incoming connection at the IP level.  Either way, you can ask your ISP for a solution.

If you're worried they may get upset by Emby, tell a different story - like you need incoming access to your machine for work when travelling.

Paul

carlanoid132
Posted

thanks for the replies guys. turns out basically the entire network was kinda borked. didnt know i had to set the other routers to have the same ssid, only had put them in ap mode. so now thats all under 1 network. still getting the same issue. gonna login to the isp modem tomorrow and see if theres anything i have missed. opinions on something like purevpn? that supports port fowarding and goes on about how its used to pass cgnat. would this not work?

 

carlanoid132
Posted
2 hours ago, pwhodges said:

At this point DHCP is irrelevant.  The question is whether they are simply blocking all incoming ports by policy, or have implemented cgNAT which blocks any incoming connection at the IP level.  Either way, you can ask your ISP for a solution.

If you're worried they may get upset by Emby, tell a different story - like you need incoming access to your machine for work when travelling.

Paul

im not 100% sure. im hoping its just a case of me being a idiot and setup the isp modem correctly. 80/443 are open but i still cant connect via those ports unless connected through home wifi. not even tailscale lets me connect remotely now

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...