+- Jellyfin Forum (https://forum.jellyfin.org)
+-- Forum: Support (https://forum.jellyfin.org/f-support)
+--- Forum: General Questions (https://forum.jellyfin.org/f-general-questions)
+--- Thread: Can't access JF when on a VPN? (/t-can-t-access-jf-when-on-a-vpn)
Pages:
1
2
Can't access JF when on a VPN? - 4r5hw45twh - 2024-10-07
So, I have everything setup and working. Can access JF just fine from outside my network. The problem I am having is when I access from a VPN, it won't load my subdomain site for it, nor on the app. How can I allow VPN's?
RE: Can't access JF when on a VPN? - foux - 2024-10-07
This is definitevely not a Jellyfin issue if you can't access the website from your VPN.
What VPN are you using? Is the VPN self-hosted at your place, or is it an external service? Is your DNS entry correct? Are you accessing via https 443 or via Jellyfin port (which might be blocked on your VPN)?
RE: Can't access JF when on a VPN? - 4r5hw45twh - 2024-10-07
(2024-10-07, 06:10 PM)foux Wrote: This is definitevely not a Jellyfin issue if you can't access the website from your VPN.
What VPN are you using? Is the VPN self-hosted at your place, or is it an external service? Is your DNS entry correct? Are you accessing via https 443 or via Jellyfin port (which might be blocked on your VPN)?
ProtonVPN. I access JF through my subdomain, which is pointed to my server's public IP address (otherwise, I access locally on a local port). All works perfectly fine; just can't access it once I enable a VPN on a device but soon as it turns off, it works.
RE: Can't access JF when on a VPN? - TheDreadPirate - 2024-10-07
If you have ProtonVPN a PC, can you check if you can even resolve your jellyfin subdomain while connect to the VPN.
I believe both Linux and Windows use "nslookup jellyfin.domain.tld" on the command line.
RE: Can't access JF when on a VPN? - 4r5hw45twh - 2024-10-07
(2024-10-07, 07:15 PM)TheDreadPirate Wrote: If you have ProtonVPN a PC, can you check if you can even resolve your jellyfin subdomain while connect to the VPN.
I believe both Linux and Windows use "nslookup jellyfin.domain.tld" on the command line.
On the same PC that's running the server I get:
Code:
Server: UnKnown
Address: (local IP)
Non-authoritative answer:
Name: mysite.com
Address: (My Home Public IP)
Aliases: jellyfin.mysite.comLike, on the server PC, I always have my VPN on anyway, but I can still always access JF on that PC. Just not any other devices when on a VPN (which is honestly weird because I watched on my FireStick for like 4hrs last night while on my VPN network...).
RE: Can't access JF when on a VPN? - TheDreadPirate - 2024-10-07
Preferably from a different PC.
Also, you said you started using Nginx, right? Can you share your full nginx config via pastebin? Censor the domain name.
RE: Can't access JF when on a VPN? - 4r5hw45twh - 2024-10-07
(2024-10-07, 08:36 PM)TheDreadPirate Wrote: Preferably from a different PC.
Also, you said you started using Nginx, right? Can you share your full nginx config via pastebin? Censor the domain name.
I ditched NGINX for Caddy. Caddy "just worked" for me. Could never really fully get NGINX to for me reliably.
Should I be enabling split tunneling on my server VPN and pointing my domain A record to the VPN's IP? That would create a tunnel, right? Or no? My Caddyfile is simply:
jellyfin.mysite.com
reverse_proxy 127.0.0.1:PORT
RE: Can't access JF when on a VPN? - TheDreadPirate - 2024-10-08
That essentially defeats the purpose of having a reverse proxy with https. But you do need to setup split tunneling so that Caddy is not tunneled.
RE: Can't access JF when on a VPN? - 4r5hw45twh - 2024-10-08
(2024-10-08, 12:14 AM)TheDreadPirate Wrote: That essentially defeats the purpose of having a reverse proxy with https. But you do need to setup split tunneling so that Caddy is not tunneled.
Darn, that's like the one thing I didn't try yet, but still didn't work. Kept everything how I had it and just added caddy.exe to the excluded list but same thing.
RE: Can't access JF when on a VPN? - TheDreadPirate - 2024-10-08
It really isn't that complicated to get this to work. There has to be something you aren't mentioning.
CF subdomain CNAME -> CF domain A/AAAA record for public WAN IP -> router port forwards https 443 -> Caddy -> jellyfin 8096
Things that can break this:
- Misconfigured DNS/adblocker/pihole
- Incorrect public IP
- CGNAT
- VPN not configured to split tunnel
- Misconfigured default route
- Incomplete IPv6 setup. ISP, router, host, jellyfin all need to support IPv6 and have it enabled.