wearethenext 0 Posted April 11, 2021 Share Posted April 11, 2021 I have a ubiquiti usg and a switch with emby running on a pc on my main lan network through the switch. I recently created a guest network and guest wifi on my UAP AC M but cant access my emby server on the guest network. I access it well on my main wireless network but need a way to provide access to it for guests to watch movies without connecting to my main network. What firewall rules should i set up Link to comment Share on other sites More sharing options...
wearethenext 0 Posted April 11, 2021 Author Share Posted April 11, 2021 I have a ubiquiti usg and a switch with emby running on a pc on my main lan network through the switch. I recently created a guest network and guest wifi on my UAP AC M but cant access my emby server on the guest network. I access it well on my main wireless network but need a way to provide access to it for guests to watch movies without connecting to my main network. What firewall rules should i set up Link to comment Share on other sites More sharing options...
Luke 37099 Posted April 11, 2021 Share Posted April 11, 2021 Hi there, what happens when you try to access it? Link to comment Share on other sites More sharing options...
Luke 37099 Posted April 11, 2021 Share Posted April 11, 2021 I would also suggest taking a look at our Connection Troubleshooter: https://support.emby.media/support/solutions/articles/44001849007-connectivity Please try the steps listed there and let us know which ones succeed and which ones do not. Thanks ! Link to comment Share on other sites More sharing options...
rbjtech 4284 Posted April 12, 2021 Share Posted April 12, 2021 Your guest network will be on a separate VLAN to the main network - thus as you have concluded, you need to provide a way for the traffic to flow from the guest to the main network. You need to allow ANY SOURCE IP on the GUEST (IN) network using TCP 8096 and TCP 8920 (assuming you are using the default emby ports) to be allowed to reach the EMBY DESTINATION SERVER IP on the main (LAN Out) network. I don't use a USG f/w myself - but have a look here - https://help.ui.com/hc/en-us/articles/115003173168-UniFi-UDM-USG-Introduction-to-Firewall-Rules#4 2 Link to comment Share on other sites More sharing options...
wearethenext 0 Posted April 19, 2021 Author Share Posted April 19, 2021 On 4/12/2021 at 1:37 PM, rbjtech said: Your guest network will be on a separate VLAN to the main network - thus as you have concluded, you need to provide a way for the traffic to flow from the guest to the main network. You need to allow ANY SOURCE IP on the GUEST (IN) network using TCP 8096 and TCP 8920 (assuming you are using the default emby ports) to be allowed to reach the EMBY DESTINATION SERVER IP on the main (LAN Out) network. I don't use a USG f/w myself - but have a look here - https://help.ui.com/hc/en-us/articles/115003173168-UniFi-UDM-USG-Introduction-to-Firewall-Rules#4 Am not a network pro or something so i needed a straight forward answer on how to do it from someone that has done it before. A breakdown step by step easy guide would be great help. I have tried reading through the article but i dont make much sense of anything. Thanks Link to comment Share on other sites More sharing options...
wearethenext 0 Posted April 19, 2021 Author Share Posted April 19, 2021 On 4/12/2021 at 12:32 AM, Luke said: Hi there, what happens when you try to access it? I just cant access the server. But when connected to my main lan wifi i can. Link to comment Share on other sites More sharing options...
wearethenext 0 Posted April 19, 2021 Author Share Posted April 19, 2021 On 4/12/2021 at 1:37 PM, rbjtech said: Your guest network will be on a separate VLAN to the main network - thus as you have concluded, you need to provide a way for the traffic to flow from the guest to the main network. You need to allow ANY SOURCE IP on the GUEST (IN) network using TCP 8096 and TCP 8920 (assuming you are using the default emby ports) to be allowed to reach the EMBY DESTINATION SERVER IP on the main (LAN Out) network. I don't use a USG f/w myself - but have a look here - https://help.ui.com/hc/en-us/articles Hey To get a better picture of my setup. I have a USG a Unifi switch mini and an Ap M. I have two networks the Main Lan and Guest Network both with Wifi. I have configured Guest portal on my Guest wifi. Now my problem is i cant access my emby server running on my Main Lan. I need a way for devices on guest Wifi to access my emby Server on my Lan Network. Lan Network 192.168.1.0/24 Guest Network 192.168.10.0/24 Emby server ip address 192.168.1.10 Your Help would be highly Appreciated. Link to comment Share on other sites More sharing options...
rbjtech 4284 Posted April 19, 2021 Share Posted April 19, 2021 Hi - Sorry, I can't really help anymore beyond what I've already said - as I don't run a ubiquiti firewall (but the concept should be the same for all firewalls..) Your best course of action is to logon to the ubiquiti forums and ask the question there - provide them with the same info as above (include the fact you only want TCP 8096 and TCP 8920) and they should be able to help you. Link to comment Share on other sites More sharing options...
Happy2Play 8296 Posted April 19, 2021 Share Posted April 19, 2021 Since you want access to Emby on two networks on your LAN, have you added those networks to LAN Networks? Dashboard-Network LAN networks: Comma separated list of IP addresses or IP/netmask entries for networks that will be considered on local network when enforcing bandwidth restrictions. If set, all other IP addresses will be considered to be on the external network and will be subject to the external bandwidth restrictions. If left blank, only the server's subnet and common private IP subnets (10.0.0.0/8, 192.168.0.0/24, etc.) are considered to be on the local network. Link to comment Share on other sites More sharing options...
rbjtech 4284 Posted April 19, 2021 Share Posted April 19, 2021 (edited) I don't think that is going to help - the GUEST network is isolated from the LAN network by design - the only way you are going to get traffic from one to the other is via a firewall which will allow (and route) the traffic. A simple f/w rule such as 'Allow ANY IP on GUEST to Emby IP on LAN using TCP 8920 or TCP 8096' will work - but the OP just needs to translate that into Ubiquiti f/w logic.. This is my internal emby f/w rule (on my Sophos XG f/w) - it allows traffic from my Core and Mobile networks (the source) to the Emby Destination on the IoT network. In your case, you would substitute the GUEST network as the Source and your main LAN as the destination. I hope this helps. Edited April 19, 2021 by rbjtech Link to comment Share on other sites More sharing options...
yaksplat 58 Posted April 20, 2021 Share Posted April 20, 2021 I put a static route in for VPN traffic to get to emby while on the VPN. VPN traffic came in on 192.168.2.0/24 and then the next hop was on 192.168.1.0 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now