vrntu 3 Posted February 14, 2025 Posted February 14, 2025 Hello, Am back here - I had previously post another thread which was resolved here. I set up a domain, and it worked for about 2 weeks. However now it's shut off again from the remote access WAN. When I spoke to the person who did the network set up, he said that the IP isn't working on port 443 - and hence won't connect to 8096 and 8920.... Any support would be appreciated!
Luke 42077 Posted February 21, 2025 Posted February 21, 2025 Hi. This is a screenshot of a command prompt. What exactly is the issue that you’re having in Emby?
vrntu 3 Posted February 24, 2025 Author Posted February 24, 2025 Hi, sorry - I've done some digging and found out that the 443 port is blocked by my ISP! Will try and find a solution around this, so there is no specific issue with Emby.
yocker 1247 Posted February 25, 2025 Posted February 25, 2025 21 hours ago, vrntu said: Hi, sorry - I've done some digging and found out that the 443 port is blocked by my ISP! Will try and find a solution around this, so there is no specific issue with Emby. Wonder why an ISP would block that port unless you are behind a cgnat. It's a rather important port.
pwhodges 2012 Posted February 25, 2025 Posted February 25, 2025 In pre-cgNAT days it was not uncommon for ISPs to block incoming ports on which you might want to run a server. Paul
Happy2Play 9780 Posted February 25, 2025 Posted February 25, 2025 46 minutes ago, pwhodges said: In pre-cgNAT days it was not uncommon for ISPs to block incoming ports on which you might want to run a server. Paul True as a server on a residential network usually violated your terms of service.
darkassassin07 652 Posted February 25, 2025 Posted February 25, 2025 Oddly, Telus blocks 80 for me, but not 443... They also block port 25 outbound so I can't host email (can't send to external servers) 1
vrntu 3 Posted February 25, 2025 Author Posted February 25, 2025 So - I spoke to my ISP back-end support, they have guaranteed that they aren't blocking anything, especially since my connection is a business line. I have checked on canyouseeme.org and yougetsignal.com - interestingly enough, the 8096 and 8920 ports are open, but the 443 and 80 ports are not. Obviously, all of these ports are unblocked on my firewall, etc. So.... I'm afraid I'm at a bit of an impasse for the moment....
parrish 22 Posted February 25, 2025 Posted February 25, 2025 Emby doesn't use port 443- so not sure what the question is? Emby uses port 8920 for HTTPS traffic and 8096 for unencrypted HTTP traffic by default. Are you, for some reason, trying to change the ports it uses?
darkassassin07 652 Posted February 25, 2025 Posted February 25, 2025 17 minutes ago, parrish said: Emby doesn't use port 443- so not sure what the question is? Emby uses port 8920 for HTTPS traffic and 8096 for unencrypted HTTP traffic by default. Are you, for some reason, trying to change the ports it uses? The default port used for https in web browsers is 443. If you're only hosting a single service, or have a proxy In front; using port 443 means you don't have to specify the port when connecting with a browser, you can just type the domain name. This is slightly easier for remote users. Unfortunately some ISPs block these ports, so you cannot use that quality-of-life feature and have to stick with embys defaults or another uncommon port.
darkassassin07 652 Posted February 25, 2025 Posted February 25, 2025 (edited) 28 minutes ago, vrntu said: So - I spoke to my ISP back-end support, they have guaranteed that they aren't blocking anything, especially since my connection is a business line. I have checked on canyouseeme.org and yougetsignal.com - interestingly enough, the 8096 and 8920 ports are open, but the 443 and 80 ports are not. Obviously, all of these ports are unblocked on my firewall, etc. So.... I'm afraid I'm at a bit of an impasse for the moment.... Can you post a screenshot of the port forwarding rules? Perhaps there's a simple misconfiguration there. I agree you shouldn't have anything blocked on a business line; so something else is up. Edited February 25, 2025 by darkassassin07 1 2
Happy2Play 9780 Posted February 25, 2025 Posted February 25, 2025 (edited) Yes we would need to see port forwarding rules and how you have configured Emby Network page. As by default Emby uses 8096 for http and 8920 for https. And a server log from startup. Edited February 25, 2025 by Happy2Play 1
yocker 1247 Posted February 25, 2025 Posted February 25, 2025 8 hours ago, pwhodges said: In pre-cgNAT days it was not uncommon for ISPs to block incoming ports on which you might want to run a server. Paul Blocking is rare here so didn't think of that. Anyway, this is of no help.. Sorry about that.
Q-Droid 989 Posted February 26, 2025 Posted February 26, 2025 8 hours ago, vrntu said: So - I spoke to my ISP back-end support, they have guaranteed that they aren't blocking anything, especially since my connection is a business line. I have checked on canyouseeme.org and yougetsignal.com - interestingly enough, the 8096 and 8920 ports are open, but the 443 and 80 ports are not. Obviously, all of these ports are unblocked on my firewall, etc. So.... I'm afraid I'm at a bit of an impasse for the moment.... Do you have something actively listening on ports 80 and 443 or at the very least forwarded from WAN 80/443 to LAN something/something? In your case perhaps WAN:80 -> LAN:8096 and WAN:443 -> LAN:8920?
vrntu 3 Posted March 4, 2025 Author Posted March 4, 2025 Hello, apologies! I was travelling and away from my server device. I am attaching here the screenshot forwarding rules on my router, my server network set up, and the server log on startup. embyserver.txt
rbjtech 5284 Posted March 4, 2025 Posted March 4, 2025 (edited) I'm not familiar with the device you are using for the f/w and/or router - but you need to port forward from your public WAN address to the emby server (192.168.1.140) (and implied in that is to do a NAT (WAN > LAN) and also a PAT (443 > 8096 (http) or 8920 (https)) A DNS lookup of your fqdn (which you should probably remove..) comes back with two IP addresses - so that is not helping things as you will need to accomodate for both. Remove Automatic Port mapping from the Emby Config above. Unless you have other services on 443 - it may well be easier just to ask Emby to listen on 443 and then you don't have to PAT - ie change local HTTPS port to 443 and restart emby. -edit- Ah - the two WAN IP's on the fqdn are godaddy - both are listening on TCP 443 - as the fqdn is a parked domain and godaddy is replying. the 136.232.x.y is replying on 443, 8096 & 8920 So you need to sort out the DNS/Domain registration - so the fqdn replies with your WAN address (DDNS needed) and then it will likely work fine. Edited March 4, 2025 by rbjtech
daldana 122 Posted March 4, 2025 Posted March 4, 2025 @vrntu, three things to check in RouterOS. 1. When you double click on one of those rules, do you see this on the "Action" tab? 2. RouterOS is picky about the order of rules, so you should move the masquerade rule to the top. 3. You probably don't need to have any entries in the "In Inter" column.
rbjtech 5284 Posted March 4, 2025 Posted March 4, 2025 (edited) 2 minutes ago, daldana said: @vrntu, three things to check in RouterOS. 1. When you double click on one of those rules, do you see this on the "Action" tab? 2. RouterOS is picky about the order of rules, so you should move the masquerade rule to the top. 3. You probably don't need to have any entries in the "In Inter" column. nat etc is working fine - all the ports listed are listening - thus nat/port forwarding is working. I think the issue is the DNS/TLS/Cert as that domain does not belong to the user ... but at the TCP layer - it's working just fine. Edited March 4, 2025 by rbjtech
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now