fogpuppy 1 Posted June 16, 2020 Share Posted June 16, 2020 I find that I have to click the option "Connection to this Emby Server" to allow a web browser to connect even though the client IS on the same local network (subnet). I get a "Forbidden" message. Once I connect the Remote access option the web browser works fine. I CAN connect with the Emby app. (not sure if that is related or useful info). Am I misunderstanding the meaning of Remote? I assumed that would mean outside my local network... Link to comment Share on other sites More sharing options...
mastrmind11 717 Posted June 16, 2020 Share Posted June 16, 2020 9 minutes ago, fogpyppy said: I find that I have to click the option "Connection to this Emby Server" to allow a web browser to connect even though the client IS on the same local network (subnet). I get a "Forbidden" message. Once I connect the Remote access option the web browser works fine. I CAN connect with the Emby app. (not sure if that is related or useful info). Am I misunderstanding the meaning of Remote? I assumed that would mean outside my local network... do you have an external domain set up for the server? if so and you're using the domain name in the browser, it has to go out to the internet then back in to your server (unless you have loopback setup on your router). the app is smart enough to use the IP directly when on your local network. Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 16, 2020 Author Share Posted June 16, 2020 I'm using a domain name of xxx.local:8096 which is a dmain name resolved by the local (in house) DHCP server provided by the router. So it *should* not go outside .... Link to comment Share on other sites More sharing options...
mastrmind11 717 Posted June 16, 2020 Share Posted June 16, 2020 2 minutes ago, fogpyppy said: I'm using a domain name of xxx.local:8096 which is a dmain name resolved by the local (in house) DHCP server provided by the router. So it *should* not go outside .... yeah that wouldn't do it. hmm. what happens when you use the IP though? Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 16, 2020 Author Share Posted June 16, 2020 A direct ip address does not trigger the issue.I have left the LAN Networks field blank in networking because as I read it ... it should keep my local 192.168.x.x addresses as local by default Also if I ping the Emby server I get PING bbair-ife.local (192.168.7.57): 56 data bytes 64 bytes from 192.168.7.57: icmp_seq=0 ttl=64 time=106.811 ms So it definitely appears that dns lookup is resolving to a local address. Shouldn't the logic be ... look up the address ... then check to see if it's local .... Link to comment Share on other sites More sharing options...
mastrmind11 717 Posted June 16, 2020 Share Posted June 16, 2020 and you have no proxy anywhere in between? Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 16, 2020 Author Share Posted June 16, 2020 I *would hope* this has no bearing on the problem/answer but my server is running Unbuntu linux. Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 16, 2020 Author Share Posted June 16, 2020 no proxy servers Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 16, 2020 Author Share Posted June 16, 2020 not sure if this helps in any way .... but here is the routes table form the Mac I'm trying to connect from. 192.168.7.57 is the Emby server and 192.168.7.49 is the Mac netstat -rn Routing tables Internet: Destination Gateway Flags Netif Expire default 192.168.7.1 UGSc en1 127 127.0.0.1 UCS lo0 127.0.0.1 127.0.0.1 UH lo0 169.254 link#7 UCS en1 ! 169.254.147.245 0:5:cd:2b:93:f5 UHLSW en1 ! 192.168.7 link#7 UCS en1 ! 192.168.7.1/32 link#7 UCS en1 ! 192.168.7.1 4c:1:43:a8:5:c2 UHLWIir en1 1162 192.168.7.21 f8:38:80:e4:5b:80 UHLWIi en1 164 192.168.7.24 b4:f6:1c:5c:92:e8 UHLWIi en1 1032 192.168.7.28 b0:fc:d:af:33:41 UHLWI en1 1090 192.168.7.32 f8:38:80:57:c5:2 UHLWI en1 1028 192.168.7.39 74:d6:37:5a:1c:37 UHLWI en1 251 192.168.7.49/32 link#7 UCS en1 ! 192.168.7.54 8c:49:62:2d:c7:d4 UHLWI en1 1090 192.168.7.57 5c:80:b6:95:9c:e6 UHLWIi en1 1036 192.168.7.67 28:ff:3c:9e:c9:31 UHLWIi en1 628 224.0.0/4 link#7 UmCS en1 ! 224.0.0.251 1:0:5e:0:0:fb UHmLWI en1 239.255.255.250 1:0:5e:7f:ff:fa UHmLWI en1 255.255.255.255/32 link#7 UCS en1 ! Internet6: Destination Gateway Flags Netif Expire default fe80::%utun0 UGcI utun0 default fe80::%utun1 UGcI utun1 ::1 ::1 UHL lo0 fe80::%lo0/64 fe80::1%lo0 UcI lo0 fe80::1%lo0 link#1 UHLI lo0 fe80::%en6/64 link#5 UCI en6 fe80::aede:48ff:fe00:1122%en6 ac:de:48:0:11:22 UHLI lo0 fe80::aede:48ff:fe33:4455%en6 ac:de:48:33:44:55 UHLWIi en6 fe80::%en1/64 link#7 UCI en1 fe80::7:fd8a:fb20:7e69%en1 a4:83:e7:19:32:b3 UHLI lo0 fe80::826:f6fd:3740:f000%en1 28:ff:3c:9e:c9:31 UHLWI en1 fe80::c3c:cfcd:5dfe:1013%en1 f8:38:80:57:c5:2 UHLWI en1 fe80::ca5:318a:c7b:5d74%en1 f8:38:80:e4:5b:80 UHLWI en1 fe80::5dea:5c37:eb54:d5ed%en1 5c:80:b6:95:9c:e6 UHLWI en1 fe80::%awdl0/64 link#9 UCI awdl0 fe80::6422:30ff:fe8f:645a%awdl0 66:22:30:8f:64:5a UHLI lo0 fe80::%llw0/64 link#10 UCI llw0 fe80::6422:30ff:fe8f:645a%llw0 66:22:30:8f:64:5a UHLI lo0 fe80::%utun0/64 fe80::1631:bbab:b8ca:3623%utun0 UcI utun0 fe80::1631:bbab:b8ca:3623%utun0 link#16 UHLI lo0 fe80::%utun1/64 fe80::4c33:64d1:a97b:7298%utun1 UcI utun1 fe80::4c33:64d1:a97b:7298%utun1 link#17 UHLI lo0 ff01::%lo0/32 ::1 UmCI lo0 ff01::%en6/32 link#5 UmCI en6 ff01::%en1/32 link#7 UmCI en1 ff01::%awdl0/32 link#9 UmCI awdl0 ff01::%llw0/32 link#10 UmCI llw0 ff01::%utun0/32 fe80::1631:bbab:b8ca:3623%utun0 UmCI utun0 ff01::%utun1/32 fe80::4c33:64d1:a97b:7298%utun1 UmCI utun1 ff02::%lo0/32 ::1 UmCI lo0 ff02::%en6/32 link#5 UmCI en6 ff02::%en1/32 link#7 UmCI en1 ff02::%awdl0/32 link#9 UmCI awdl0 ff02::%llw0/32 link#10 UmCI llw0 ff02::%utun0/32 fe80::1631:bbab:b8ca:3623%utun0 UmCI utun0 ff02::%utun1/32 fe80::4c33:64d1:a97b:7298%utun1 UmCI utun1 Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 16, 2020 Author Share Posted June 16, 2020 BTW i see similar problems form my iPhone and my iPad on the same network .... Link to comment Share on other sites More sharing options...
Luke 37178 Posted June 16, 2020 Share Posted June 16, 2020 Did you customize any server network settings? Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 16, 2020 Author Share Posted June 16, 2020 You mean on the Emby server ... Nope. And the Linux setup is about as vanilla as it gets. I'm running no firewalls, proxies, etc. Just a straight up DHCP config from the wifi router. Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 17, 2020 Author Share Posted June 17, 2020 Any more thoughts here. I also get this problem in my stand alone linux hotspot where my server acts as it's own hotspot. It's not a huge issue but I'd like to try to get to the botten of the problem. Link to comment Share on other sites More sharing options...
Happy2Play 8332 Posted June 17, 2020 Share Posted June 17, 2020 You are saying there are no settings applied on Dashboard-Network, correct? I know that is the only way I have ever got Forbidden. Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 17, 2020 Author Share Posted June 17, 2020 I have changed nothing on the Server - Network section of the Emby server config (excpet to change the "remote access" which seems to be what fixes the issue but also opens up the server pretty widely. Link to comment Share on other sites More sharing options...
Happy2Play 8332 Posted June 17, 2020 Share Posted June 17, 2020 4 minutes ago, fogpyppy said: I have changed nothing on the Server - Network section of the Emby server config (excpet to change the "remote access" which seems to be what fixes the issue but also opens up the server pretty widely. That would suggest Emby sees your connections as Remote. Is Emby showing a LAN and WAN access on the Dashboard. Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 18, 2020 Author Share Posted June 18, 2020 The dashboard shows a valid IP address of 192.168.7.xxxx:8096 for Local and a 142. address for Remote (when I have it turned on). The device trying to connect in also on a 192.168.7.xxxx. So they are both on the same subnet. Link to comment Share on other sites More sharing options...
Happy2Play 8332 Posted June 18, 2020 Share Posted June 18, 2020 Only thing I can think of is appling LAN network setting to see if it works. Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 18, 2020 Author Share Posted June 18, 2020 are you saying fill in Area at the top of netowrk that defines what is "local". I can do that ... but as I read it it seems like it shoudl already be automttically allowing all 10. and 192.168 addresses .... right? Link to comment Share on other sites More sharing options...
Happy2Play 8332 Posted June 18, 2020 Share Posted June 18, 2020 (edited) 17 minutes ago, fogpyppy said: are you saying fill in Area at the top of netowrk that defines what is "local". I can do that ... but as I read it it seems like it shoudl already be automttically allowing all 10. and 192.168 addresses .... right? No it should only be allowing everything on the same subnet as the server. I could be wrong but @Luke are all private networks considered local? If left blank, only the server's subnet and common private IP subnets (10.0.0.0/8, 192.168.0.0/24, etc.) are considered to be on the local network. But there would appear to be something going on with your setup though, if I am following this topic correctly things only work if you Allow Remote Connections, correct? Edited June 18, 2020 by Happy2Play Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 18, 2020 Author Share Posted June 18, 2020 (edited) I agree there is most definitely "something going on" in my setup thought it's not very "exotic".. I'm about to try resetting the entire box back to a freshly install Ubuntu OS and only installing only the minimal stuff I need to make the Emby server run. Then If it happens again I'll have a 100% clean reproduce case ... If I do and it still happens is there any additional information that people want me to collect that might be useful beside the logs? Edited June 18, 2020 by fogpyppy Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 19, 2020 Author Share Posted June 19, 2020 Ok I *think* I know what's going on. I installed Emby on my Mac and I'm getting the same issue. Here is what I was able to figure out. If I hit it by domain name "mac-mini.local" I get a forbidden. If I hit it by IP address then it works. So I decided to ping by domain name and I got a connection but it's an IP6 address not a IP4 address. but I did check and it seems like they are still both on the same ip6 subnet if I remeber my IP6 address info well enough). The addresses in question are: iPad addresses: fd0b:2f0a:3eff:1:8fc:2aae:68cd:56aa and fd0b:2f0a:3eff:1:7125:b88:a234:2659 mac (emby server) address: fd0b:2f0a:3eff:1:1406:a9a3:818:1164 and fd0b:2f0a:3eff:1:1942:abb7:e83a:1a8d Router address (if it matters): fe80::4e01:43ff:fea8:5c2 So ... not sure why dns lookup is deciding toe return a ip6 address instead of an ip4 one but ... should it matter? They are still in the same still in the same local subnet. Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 19, 2020 Author Share Posted June 19, 2020 one last bit of data (sorry for the multiple messages) but the ping by name was actually returning the link local adrdess of fe80::14dd:4bfb:6bb4:12b9 and I did confirm that is the correct link local for the mac server. Link to comment Share on other sites More sharing options...
fogpuppy 1 Posted June 19, 2020 Author Share Posted June 19, 2020 and from the log you can see it is connecting using a valid ip6 link local address from my iPad. So it looks like ip6 support does NOT understand link local addresses as being "local" 2020-06-19 12:24:51.228 Info HttpServer: HTTP GET http://[fe80::14dd:4bfb:6bb4:12b9]:8096/. UserAgent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.2 Mobile/15E148 Safari/604.1 2020-06-19 12:24:51.228 Info HttpServer: HTTP Response 403 to fe80::1849:62ab:e96:9eae%7. Time: 0ms. http://[fe80::14dd:4bfb:6bb4:12b9]:8096/ Link to comment Share on other sites More sharing options...
Luke 37178 Posted June 19, 2020 Share Posted June 19, 2020 We'll take a look. Thanks for reporting. Your workaround for now would be to connect by ip address. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now