tomnjerry74 93 Posted September 10, 2020 Share Posted September 10, 2020 (edited) Hello, Right now I have my server set up using a reverse proxy on my Synology like so: The problem is, I am unable to use the "Forgot Password" feature on the web app, despite being on the home network. If I try to use this feature on any web app, I am met with "Please try again within your home network etc..." However, it does work on the mobile app, which is able to properly detect if I am on the home network or not. Why isn't this working in the web ui? Edited December 27, 2020 by tomnjerry74 Link to comment Share on other sites More sharing options...
Luke 37060 Posted September 10, 2020 Share Posted September 10, 2020 Hi, most likely Emby Server is unable to see the original ip address of the client device due to your reverse proxy configuraiton. Link to comment Share on other sites More sharing options...
tomnjerry74 93 Posted September 10, 2020 Author Share Posted September 10, 2020 58 minutes ago, Luke said: Hi, most likely Emby Server is unable to see the original ip address of the client device due to your reverse proxy configuraiton. Why is the mobile app able to see the original ip if it's using the same domain? Is there a way to make this work in the web ui? I would prefer not to have to rely on the apps to reset passwords. Link to comment Share on other sites More sharing options...
Luke 37060 Posted September 10, 2020 Share Posted September 10, 2020 The mobile app is probably automatically switching to a lan address, that would be my guess. Link to comment Share on other sites More sharing options...
Luke 37060 Posted September 10, 2020 Share Posted September 10, 2020 I would suggest comparing your reverse proxy configuration to that of @pir8radio Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted September 13, 2020 Share Posted September 13, 2020 On 9/10/2020 at 12:57 PM, tomnjerry74 said: Why is the mobile app able to see the original ip if it's using the same domain? Is there a way to make this work in the web ui? I would prefer not to have to rely on the apps to reset passwords. why are you using the domain name and going through the reverse proxy when at home? what IP address shows up in the emby admin dashboard when you connect with each device? Link to comment Share on other sites More sharing options...
tomnjerry74 93 Posted September 13, 2020 Author Share Posted September 13, 2020 13 hours ago, pir8radio said: why are you using the domain name and going through the reverse proxy when at home? what IP address shows up in the emby admin dashboard when you connect with each device? Because I'm talking about a mobile device that goes everywhere with me. I stream stuff from the server all the time outside of the local network. I always connect to the server through the apps by putting "https://mydomain.com" and leaving the port field empty. I've since resolved this problem, though, by just going to the LAN ip if I ever need to change the password. Link to comment Share on other sites More sharing options...
Solution Luke 37060 Posted September 13, 2020 Solution Share Posted September 13, 2020 what IP address shows up in the emby admin dashboard when you connect with each device? Link to comment Share on other sites More sharing options...
tomnjerry74 93 Posted September 13, 2020 Author Share Posted September 13, 2020 1 hour ago, Luke said: what IP address shows up in the emby admin dashboard when you connect with each device? Through the browser it shows a bunch of cloudflare IPs. I didn't realize this before making the post. However I tried adding various headers to the RP to get real IPs to show but none of them worked. I think I tried something like Real-X-IP. I think you need to pay for it to work: https://support.cloudflare.com/hc/en-us/articles/206776727-What-is-True-Client-IP- Link to comment Share on other sites More sharing options...
Luke 37060 Posted September 13, 2020 Share Posted September 13, 2020 So that means the server is unable to see the actual client ip's, so all of the functions that depend on the server knowing if a client is in or out of your network may produce unexpected results. Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted September 14, 2020 Share Posted September 14, 2020 On 9/13/2020 at 10:21 AM, tomnjerry74 said: Through the browser it shows a bunch of cloudflare IPs. I didn't realize this before making the post. However I tried adding various headers to the RP to get real IPs to show but none of them worked. I think I tried something like Real-X-IP. I think you need to pay for it to work: https://support.cloudflare.com/hc/en-us/articles/206776727-What-is-True-Client-IP- you dont need to pay.. but because you go through cloudflare your emby server will always think you are outside of your network. there is no easy way to use CF within your network.. Also FYI its bad practice, CF is also a reverse proxy, so when you watch a movie using your phone inside your house where your server is, you are sending that entire video stream out of your network, over the internet, then your mobile device connected to your wifi, is downloading that video stream over the internet to your phone. So when inside your LAN you are using twice the bandwidth to the internet to stream that movie, vs just streaming it directly from the emby server thats on the same network, never hitting the internet. There are some hokey things you can do to tell your router if any request from within the network tries to reach mydomain.com send them to 192.168.x.x instead of looking up the domain name, and sending the request out to the internet server (Cloudflare), you are better off setting up two emby servers in your mobile client.. maybe one called "Local - My server" and one "Remote - My Server" so you just connect to the local one when inside your own lan. if that makes sense. 1 Link to comment Share on other sites More sharing options...
tomnjerry74 93 Posted September 14, 2020 Author Share Posted September 14, 2020 2 hours ago, pir8radio said: you dont need to pay.. but because you go through cloudflare your emby server will always think you are outside of your network. there is no easy way to use CF within your network.. Also FYI its bad practice, CF is also a reverse proxy, so when you watch a movie using your phone inside your house where your server is, you are sending that entire video stream out of your network, over the internet, then your mobile device connected to your wifi, is downloading that video stream over the internet to your phone. So when inside your LAN you are using twice the bandwidth to the internet to stream that movie, vs just streaming it directly from the emby server thats on the same network, never hitting the internet. There are some hokey things you can do to tell your router if any request from within the network tries to reach mydomain.com send them to 192.168.x.x instead of looking up the domain name, and sending the request out to the internet server (Cloudflare), you are better off setting up two emby servers in your mobile client.. maybe one called "Local - My server" and one "Remote - My Server" so you just connect to the local one when inside your own lan. if that makes sense. This is the reason I said cloudflare wants you to pay: Regardless, thank you for taking the time to write up all of that useful information - I appreciate it. I don't think it's necessary to have two entries within the apps, however (I've tested on mobile app and shield tv). Even after using my public domain to connect to the server through these apps, emby actually reports local IP addresses. Cloudflare IP's appear to only show when I access the server through web browsers. Again, thanks for the info Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted September 16, 2020 Share Posted September 16, 2020 If you have the 'Orange cloud' enabled in cloudflare It has to be going through them. its just how cloudflare works, assuming everything is setup correctly.. The "True-Client-IP" is just a header they add for legacy applications... they actually already send your true client ip.. they just dont package it into that header. its already packaged into x-forwarded-for they elude to that here in the blue box: https://support.cloudflare.com/hc/en-us/articles/206776727-What-is-True-Client-IP-#:~:text=True-Client-IP is a,only available to Enterprise users. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now