ITGuy1024 18 Posted September 15, 2024 Posted September 15, 2024 (edited) I think this is going to be more of a network issue but here is the situation My parents Roku is getting this error trying to manually add / connect to my server (emby.mydomain.com) -35: quictls/3.0.10:error:0A00010B:lib(20)::reason(267) If I try to access it from their computer it prompts me to "accept risk and continue" From my phone on their wireless using chrome it says SSL_Error. From my house and over cellular 5g I can hit the domain fine. The SSL is valid and I even renewed it just to be sure. The have one of those xfinity modem / wireless boxes. I don't see anything in there that would be blocking this. Nothing has changed on their side or my side. It's worked great for years. I have my domain pointing to my public IP and a reverse proxy handles the rest. So probably not an Emby issue but does anyone have any suggestions? Edited September 15, 2024 by ITGuy1024
speechles 2055 Posted September 15, 2024 Posted September 15, 2024 Are you entering it like this on the Roku? HOST: https://emby.mydomain.com PORT: 443 error:0A00010B is what you need to search for. The Roku will throw CURL errors which you can find. It means you are connecting to a port that is not using TLS or there is a middlebox interfering with the connection or your server is using a very old implementation of ssl."
ITGuy1024 18 Posted September 15, 2024 Author Posted September 15, 2024 Yeah that's how I enter it. I have other people connecting fine from a roku.
speechles 2055 Posted September 15, 2024 Posted September 15, 2024 (edited) 5 hours ago, ITGuy1024 said: The have one of those xfinity modem / wireless boxes. I don't see anything in there that would be blocking this. https://forums.xfinity.com/conversations/your-home-network/whitelisting-external-ips-to-bypass-xfi-advanced-security/602dafa0c5375f08cd1217e7 It might be the xfi advanced security thing. Do they already have this disabled? https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security Edited September 15, 2024 by speechles
ITGuy1024 18 Posted September 15, 2024 Author Posted September 15, 2024 It doesn't look like they have the advanced security but the firewall is disabled on their modem right now so it's basically allow all / any any.
ebr 16169 Posted September 15, 2024 Posted September 15, 2024 Hi. I believe this will come down to the Roku not trusting your cert. Where is it from?
ITGuy1024 18 Posted September 15, 2024 Author Posted September 15, 2024 Cert: Lets encrypt Proxy: nginx proxy manager
ITGuy1024 18 Posted September 15, 2024 Author Posted September 15, 2024 I have the same Roku as them. I manually added my server and logged in with their credentials. Very odd.
speechles 2055 Posted September 20, 2024 Posted September 20, 2024 (edited) On 9/15/2024 at 10:29 PM, ITGuy1024 said: I have the same Roku as them. I manually added my server and logged in with their credentials. Very odd. Are you able to take that same Roku you set up yourself that works for you to your parents location and then try from there? If your Roku fails the same way as their Roku it has to be something with the Xfinity router breaking things. You might disable the Xfinity router/gateway and use it just as a modem. Then get them a gateway/router to use to bypass that nonsense routing Xfinity does. https://www.xfinity.com/support/articles/wireless-gateway-enable-disable-bridge-mode Edited September 20, 2024 by speechles
ITGuy1024 18 Posted September 20, 2024 Author Posted September 20, 2024 So I have a system there that I send my offsite backups to. From that system I can hit my emby server via chrome. But every other device in the house can't hit it including my cell phone when I'm there. Even more odd.
ebr 16169 Posted September 20, 2024 Posted September 20, 2024 36 minutes ago, ITGuy1024 said: So I have a system there that I send my offsite backups to. From that system I can hit my emby server via chrome. But every other device in the house can't hit it including my cell phone when I'm there. Even more odd. More evidence that the SSL cert is not trusted IMO.
ITGuy1024 18 Posted October 14, 2024 Author Posted October 14, 2024 (edited) Following back up on this - I found a "solution" So at some point my Ecobee thermostat stopped connecting to their servers. Went thru all sorts of troubleshooting. Rebooting my router fixed the issue for a few days. It looks like this is a widespread problem recently with TP-Link firewalls. I couldn't find a long term fix. I was in the process anyway of deploying an opnsense firewall and this was enough for me to dust it off and finish setting it up. So in the process of replacing my firewall to fix a dang thermostat I accidently found a fix for my parents not able to connect to my emby server. No clue what was going wrong with the TP-Link to stop just my parents Roku from connecting. Especially when other people could connect fine. If anything changes I'll report back. Edited October 14, 2024 by ITGuy1024 2
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now