Jump to content

Difficulty accessing server

crusher11

By crusher11
in General/Windows

 Share

Recommended Posts

pir8radio

pir8radio   1292

Posted
Posted

Enabled NGINX and http access is still working. An attempted https connection to @@pir8radio's server failed.

 

So it's a CloudFlare SSL thing, surely?

 

so connecting to my server via samsung failed?   what happened, I have a few samsung users i think...   thats strange, ill check the logs.. 

Link to comment
Share on other sites
crusher11

crusher11   851

Posted
  • Author
Posted

When trying to access my server via https through the browser app packaged with the Samsung TV it just throws a "server not found" error. I'm assuming the same would be true of your server, since it'd be the same issue.

 

The Samsung user also reports a significant increase in buffering between the IP:PORT server and the HTTP-and-NGINX server.

Link to comment
Share on other sites
pir8radio

pir8radio   1292

Posted
Posted

Enabled NGINX and http access is still working. An attempted https connection to @@pir8radio's server failed.

 

So it's a CloudFlare SSL thing, surely?

 

I just checked my logs I do not see a samsung trying to connect..   if you are comfortable sending me your internet ip i can search to see if I see that anywhere.. Pm it to me if so.

Link to comment
Share on other sites
pir8radio

pir8radio   1292

Posted
Posted

If it's failing at the CloudFlare level it wouldn't make it onto the NGINX logs would it?

 

depends......    if its a ssl cert issue, that your tv doesnt like, i would think you would still see the request the tv just wouldnt like the response...     But I cant tell unless i know your ip to look for it in my logs..  

Link to comment
Share on other sites
Luke Emby Team

Luke   37065

Posted
Posted

Bump.

 

In all honesty, you've used such a non-standard configuration, just one example being having nginx share the same port with Emby...that I think the answer is we don't know the answer to your problem. If you want to make it easier for us to help you then start with @@pir8radio's nginx configuration, and accept our advice when it comes to port assignments.

Link to comment
Share on other sites
crusher11

crusher11   851

Posted
  • Author
Posted

Seriously? My ports are fine, we established that it was simply a miscommunication as to whether "ports" referred to the public ports or the local ports, I'm already using @@pir8radio's config, and the issue this thread is discussing even occurs when trying to access pir8radio's server, so no, my setup is not the issue here.

 

Troubleshooting this temporarily got sidetracked by the emby update that broke some NGINX configs but this is an issue that predates that update significantly, doesn't occur over HTTP when NGINX is enabled, occurs over HTTPS when NGINX is disabled, and only affects the Samsung TV and none of my other devices.

Link to comment
Share on other sites
pir8radio

pir8radio   1292

Posted
Posted (edited)

the IP and port i can access your emby server with.

 

 

You might have to do some more reading on nginx, or do away with it..   Nginx takes work and knowledge of what its doing or it causes problems.. 

Edited by pir8radio
Link to comment
Share on other sites
crusher11

crusher11   851

Posted
  • Author
Posted (edited)

Why would the IP of my server help you see anything in your server's log?

 

The fact that I can connect via HTTP with NGINX on and cannot connect via HTTPS whether NGINX is on or not - not to mention the fact that the Samsung can't connect to your server either - indicates it isn't an NGINX issue.

Edited by crusher11
Link to comment
Share on other sites
pir8radio

pir8radio   1292

Posted
Posted

uh...  because i can only search for samsung, which didnt show up, now i can search for your ip and see what was going on..   samsung tv is obviously working for other emby users,,,  just trying to help you...   but thats cool.. lol  its not nginx then...  I probably cant help then..  Good luck.

Link to comment
Share on other sites
pir8radio

pir8radio   1292

Posted
Posted

So you need the IP of the Samsung, not the server, right?

yes   I assumed they were in the same house.  so it would be easier to just look at your emby dashboard for the wan address....  

Link to comment
Share on other sites
ebr Emby Team

ebr   14913

Posted
Posted

yes   I assumed they were in the same house.  so it would be easier to just look at your emby dashboard for the wan address....  

 

Yeah - this is key as the IP address from any external entities standpoint is going to be the external IP address of your router.

Link to comment
Share on other sites
crusher11

crusher11   851

Posted
  • Author
Posted

The Samsung TV is connecting remotely, which is why trying to sort out domains and SSL and NGINX and everything else is causing an issue in the first place. If it were on my network I'd just be connecting locally and calling it a day, there'd be no need for the extra hassle.

 

 

There's a few entries in my NGINX log along these lines:

 

 

162.158.166.162 - - [06/Feb/2020:21:43:10 +0800] "GET /emby/system/info/public HTTP/1.1" 200 167 "-" "Mozilla/5.0 (Linux; Tizen 2.3) AppleWebKit/538.1 (KHTML, like Gecko)Version/2.3 TV Safari/538.1" "xx.xxx.xx.xx" 0.001 80 "-"

 

162.158.166.162 belongs to CloudFlare. I'm assuming the other IP is the TV's IP, and thus the one you're after? An IP locator has it coming from the right ISP but the wrong state, but I guess that can happen with dynamic IPs and such?

Link to comment
Share on other sites
pir8radio

pir8radio   1292

Posted
Posted

The Samsung TV is connecting remotely, which is why trying to sort out domains and SSL and NGINX and everything else is causing an issue in the first place. If it were on my network I'd just be connecting locally and calling it a day, there'd be no need for the extra hassle.

 

 

There's a few entries in my NGINX log along these lines:

 

 

 

162.158.166.162 belongs to CloudFlare. I'm assuming the other IP is the TV's IP, and thus the one you're after? An IP locator has it coming from the right ISP but the wrong state, but I guess that can happen with dynamic IPs and such?

yep

Link to comment
Share on other sites
crusher11

crusher11   851

Posted
  • Author
Posted

I'd emailed CloudFlare about this as well, and finally heard back from them although I'm not really sure what this means:

 

 

Hi there,

I have checked with my team and the following is the origin facing ciphers, unfortunately we are unable to alter them due to security settings, you may refer to this (https://github.com/cloudflare/sslconfig/blob/master/conf) for the latest list for your future reference,

TLS 1.2 and earlier
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA
AES128-GCM-SHA256
AES128-SHA
ECDHE-RSA-AES256-SHA384
AES256-SHA
DES-CBC3-SHA

TLS 1.3
TLS_AES_128_GCM_SHA256  {0x13,0x01}
TLS_AES_256_GCM_SHA384  {0x13,0x02}
TLS_CHACHA20_POLY1305_SHA256    {0x13,0x03}

In order to proceed, please either update your configuration, otherwise you may also grey-cloud your DNS record so it is not proxying through Cloudflare for it to work.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...