jachin99 88 Posted June 18, 2018 Posted June 18, 2018 I'm setting up remote access, and I'm new to to Dynamic DNA & SSL Certificate providers. I would prefer free but I don't mind paying a little bit to get something more reliable or secure. What does everyone else use for these services, and what would be the best way to configure them. I'm assuming I only need to point my router to the DDNS service, and I only need to install the Cert on the Emby server machine. I am also limited by a 5 mbps upload speed so if anyone has suggestions on the best way to approach that situation then it would be appreciated. Thank you for your help.
jachin99 88 Posted June 18, 2018 Author Posted June 18, 2018 If I'm just setting this up for Emby, do I HAVE to configure it at the router, or can I download the NOIP client on my emby server machine, and configure NOIP to map my domain name to JUST the emby server. I have remote web access configured on a Windows Home Server 2011 box, and I don't want to screw up that.
Swynol 375 Posted June 18, 2018 Posted June 18, 2018 Lots of options out there. I use namecheap and lets encrypt or cloudflare. You will have to buy a domain name. Around £5 a year. Rest is all free Sent from my iPhone using Tapatalk
jachin99 88 Posted June 18, 2018 Author Posted June 18, 2018 I grabbed a domain from NOIP but i have done something wrong. The domain points to my router's homepage. I configured DDNS at my router, and once I realized it would take me the router's login page, I deleted that configuration. How do I point NOIP towards my emby server machine? I'm guessing if I somehow pointed it at my private IP address the name wouldn't resolve to the IP? Sorry for all of the questions but I'm lost here.
jachin99 88 Posted June 18, 2018 Author Posted June 18, 2018 Emby wiki - Secure Your Server I can't find anything about managing my DNS Server on my NOIP dashboard. I only see options to manage clients
Swynol 375 Posted June 18, 2018 Posted June 18, 2018 if the domain is pointing to your routers homepage then something is working. there is a NOIP client which you can run on the same machine as emby which will update your A record in NO-IP. Have you tried appending the Port number on the URL? so http://emby.whatever.com:8096 that should take you to your Emby server aslong as you have port forwarded correctly on your router. See if this works first, and let us know.
jachin99 88 Posted June 18, 2018 Author Posted June 18, 2018 I can't find anything about managing my DNS Server on my NOIP dashboard. I only see options to manage clients I see the recommended domain registration services now, and I might try one of these
jachin99 88 Posted June 18, 2018 Author Posted June 18, 2018 if the domain is pointing to your routers homepage then something is working. there is a NOIP client which you can run on the same machine as emby which will update your A record in NO-IP. Have you tried appending the Port number on the URL? so http://emby.whatever.com:8096 that should take you to your Emby server aslong as you have port forwarded correctly on your router. See if this works first, and let us know. It was deffinately forwarding traffic but I don't want to go to my router's homepage, I only want to expose emby server to the internet. I deleted that record, and flushed the DNS cache on my local laptop. I get a 403 error now when I access my domain name. I have the NOIP client installed on the Emby server machine but I'm not sure how to point everything my Emby server in particular. I'm also not exactly sure how to create an SSL cert that is compatible with NOIP, and configure that in Emby server. The Wiki Entry looks to have all of this but I'm still going to try NOIP for a bit.
jachin99 88 Posted June 18, 2018 Author Posted June 18, 2018 One more thing. Do I have to clear the router's DNS entries also?
KMBanana 116 Posted June 18, 2018 Posted June 18, 2018 Everything on your network is behind your router, so the DDNS should point at the router. What you need to do is configure your router so that traffic to a specific port goes to the machine Emby is on. Then if you access YourDNS.URL:EmbyPortNumber it should work A simple diagram. THE INTERWEBS | Your Public IP/What DDNS should point to ( https://whatismyipaddress.com/ ) | Your Router | Your Router's Internal IP Address (Probably 192.168.1.1) | Your Emby Server (192.168.1.XXX) Semi related, your routers homepage should only be accessible from within your local network, if you can access your router's homepage from outside your local network via the DDNS URL it is a very real and significant security vulnerability.
jachin99 88 Posted June 18, 2018 Author Posted June 18, 2018 I had two forwarded ports on the router, one for Emby, and one for Windows Home Server 2011. What is weird is that when I go to my new domain name AND my WHS 2011 page, I get the login page for my router. All of this testing has been done on my LAN. I have my router configured to only allow administration from within the LAN but I know that can only go so far and without confirming I can't get to the router's page outside of the LAN I can't be sure about how effective it is. I changed username and passwords on it but I don't know how easy it is to spoof an internal address.
ebr 16185 Posted June 18, 2018 Posted June 18, 2018 I had two forwarded ports on the router, one for Emby, and one for Windows Home Server 2011. What is weird is that when I go to my new domain name AND my WHS 2011 page, I get the login page for my router. All of this testing has been done on my LAN. I have my router configured to only allow administration from within the LAN but I know that can only go so far and without confirming I can't get to the router's page outside of the LAN I can't be sure about how effective it is. I changed username and passwords on it but I don't know how easy it is to spoof an internal address. Sounds like your router doesn't support loopback... 1
KMBanana 116 Posted June 18, 2018 Posted June 18, 2018 Simplest way to test would be to turn off wifi on your phone and then go to the DDNS URL. Good chance your router is just recognizing that it is the destination of the DDNS URL, and so taking you to the router page without traffic leaving your local LAN. (This is fine and normal) Does accessing Emby via local ip (192.168.1.XXX:8096) work? Does accessing Emby via direct public IP (IP address from https://whatismyipaddress.com/, so X.X.X.X:8096) work? Assuming 8096 is the port your forwarded. Is traffic to port 8096 allowed on your Emby Server's firewall? Can you paste a screenshot of your router's port forwarding settings?
Tur0k 148 Posted June 18, 2018 Posted June 18, 2018 Home router: 1. Check your port forwarding to the right internal IP address. 2. Confirm that you have NAT reflection (also called NAT loopback) enabled. 3. Check that you are forwarding to the appropriate internal server port (default for HTTPS - 8920). On the Emby host server: 1. If windows check that network discovery is enabled. 2. Check to make sure you have the appropriate network type for your internal network (private/domain). 3. Check that you have advanced firewall rules for inbound port 8096 and 8920, and that allow edge traversal is enabled. 4. Note: Emby server has a setting that forces all public requests to pass through the HTTPS port and never the HTTP port. If you have this setting enabled you can not forward 8096 from the public Internet to your Emby server. Sent from my iPhone using Tapatalk
jachin99 88 Posted June 19, 2018 Author Posted June 19, 2018 I appreciate all of the help. To go over a few different changes I have made, and settings I have reviewed and found to be wrong on my setup, I'll start with how my system is currently configured. I took down my NOIP domain, closed off my two open ports, and ran setup again on WHS 2011 RWA. I also enforced LAN web admin access on the router, and forced HTTPS connections to the web admin page. I didn't set up a certificate for this, and I don't think the router created a certificate for me but going to HTTPS://x.x.x.x :PORT shows me the admin page on my LAN, and I can log in and administer it from here. My phone is charging so I can confirm the router's web admin page isn't on the public internet later Looking at my router's settings, port 443 was set as the default, which I moved to a new port. Does this explain why I was getting my router's home page when I would go to my NOIP domain name? Before, going to both my NOIP domain name, and my WHS 2011 domain name would land me on the router's home page so I'm guessing it was a misconfigured port. I'm back a square one with only WHS 2011 RWA configured on the router (Via port forwarding at the router over port 443) and nothing else configured. No emby ports are configured to be forwarded no domain names are registered, nothing. Should I configure NOIP on the router (The router has a setting just for DDNS entries), or should I attempt to register a new domain that points to my Emby server? If I should do the latter, do I just open the port on my router, and let the NOIP utility do the work for me, or do I need to configure both? Thanks
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now