+- Jellyfin Forum (https://forum.jellyfin.org)
+-- Forum: Support (https://forum.jellyfin.org/f-support)
+--- Forum: Troubleshooting (https://forum.jellyfin.org/f-troubleshooting)
+--- Thread: Run Jellyfin through VPN provider's IP and Port, instead of ISP & router (/t-run-jellyfin-through-vpn-provider-s-ip-and-port-instead-of-isp-router)
Run Jellyfin through VPN provider's IP and Port, instead of ISP & router - RedteamEverything - 2024-02-18
Hey everyone. Spent days trying to access my jellyfin outside my LAN and have roadblocks outside of my control:
- My ISP is PPPOE -- not much of a choice in the matter.
- My ISP blocks all ports, even 80 - can't even use ddns.
- I never ever want my PC to talk to the internet if it's not using a VPN! No bypass, no leaks, only VPN!
- You could in theory use Tailscale (https://tailscale.com/kb/1105/other-vpns) with Jellyfin - but it requires split tunneling with my VPN which I can't & don't really want to do.
From my place of ignorance, I'm thinking: if my VPN provider (e.g. nordvpn, wireshark, pia) already gives me an IP and an open Port, and I can use these for online multiplayer games, also Parsec,
then why can't Jellyfin also use this IP and port?
I tried powershell:
Test-NetConnection [my vpn ip] -p [my vpn port] - SUCCESSI put this vpn port in either my Jellyfin Public HTTP port, or Public HTTPS port, and when I try to connect to this ip:port, Jellyfin Media Player says Connection Failure.
Why would this be? It would also solve all the problems of how it's notoriously either hard or insecure to enable remote access on Jellyfin.
RE: Run Jellyfin through VPN provider's IP and Port, instead of ISP & router - TheDreadPirate - 2024-02-18
The privacy type VPNs like NordVPN are just not an option. They don't work that way and can't be used to run a service. The best solution is probably to rent a VPS, setup a wireguard server on the VPS and a wireguard client on your Jellyfin server. Have the VPS act as a reverse proxy.
RE: Run Jellyfin through VPN provider's IP and Port, instead of ISP & router - RedteamEverything - 2024-02-18
(2024-02-18, 04:33 PM)TheDreadPirate Wrote: The privacy type VPNs like NordVPN are just not an option. They don't work that way and can't be used to run a service. The best solution is probably to rent a VPS, setup a wireguard server on the VPS and a wireguard client on your Jellyfin server. Have the VPS act as a reverse proxy.
Could you please explain a bit more why it's just not an option? -- I have a public facing IP and Port. What else would be required, if someone was willing to implement it?(parsec works, syncthing works, all videogames work...)
PS: would https://www.remote.it/ help?
RE: Run Jellyfin through VPN provider's IP and Port, instead of ISP & router - RedteamEverything - 2024-02-18
An interesting way to leapfrog this might be to run tailscale directly on your router: https://forum.tailscale.com/t/tailscale-on-router-dd-wrt/379/4
RE: Run Jellyfin through VPN provider's IP and Port, instead of ISP & router - TheDreadPirate - 2024-02-18
When you are using NordVPN, and other VPN services like it, you are sharing a publicly facing exit node IP with thousands and thousands of users. There is no way for the VPN service to route unsolicited requests from the Internet to you. Running a server requires some level of stability on the server side regarding IP and port. Which is impossible with privacy VPN services like Nord.
And it sounds like your ISP is using CGNAT, which puts you in a similar situation as using NordVPN where you don't have connection stability and routability for hosting a service.
So the solution is to have an external proxy. This gives you the connection stability to reliably host a service. Then you let the wireguard client on your home server running jellyfin handle the changes in your connection.
Tailscale is also a solution if all the clients you have can install the app.