SageTV Community  

Go Back   SageTV Community > SageTV Development and Customizations > SageTV v9 Customizations

Notices

SageTV v9 Customizations This forums is for discussing and sharing user-created modifications for the SageTV version 9 application created by using the SageTV Studio or through the use of external plugins. Use this forum to discuss plugins for SageTV version 9 and newer.

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 08-05-2021, 07:38 AM
waynedunham waynedunham is offline
Sage Icon
 
Join Date: Sep 2004
Posts: 1,466
Can't get access to WebUI from remote

I am running 2 servers on Windows 8 and Windows 10. When I was away on vacation I found that I couldn't get access to either of those machines remotely. I couldn't get in with the the newer WEB server formatted for phones and tablets, nor the original webserver. I also couldn't get access to the machines via remote access, or TeamViewer.

I suspected it was a router issue. I have had issues with the router where it required a reboot maybe once a month.

When I got home I went down and rebooted the router, but still no luck with remote access. However everything worked fine from my home side of the router from both wired and wireless connections.

So now I'm pulling my hair out trying to figure out why I can't get remote access. I checked the webserver settings on the machines and they have the same port, uname/pwd that was working in the past.
I checked my DYNDNS account and it was still set up.

When I try to access from a browser I get the standard error screen you get when you aren't connected to the internet.

Any ideas of what to check? I checked the port settings on the router and they are still intact and set to allow incoming requests on the specific ports.
__________________
Wayne Dunham
Reply With Quote
  #2  
Old 08-05-2021, 07:51 AM
waynedunham waynedunham is offline
Sage Icon
 
Join Date: Sep 2004
Posts: 1,466
Oh, forgot to mention I checked the firewall settings on both servers and they are also still intact allowing all the SageTV things as before.
__________________
Wayne Dunham
Reply With Quote
  #3  
Old 08-05-2021, 10:10 AM
wnjj wnjj is offline
Sage Icon
 
Join Date: Jan 2009
Posts: 1,475
Did your ISP make any changes? Can you get to anything non-SageTV from outside?
__________________
Windows Installer
Reply With Quote
  #4  
Old 08-05-2021, 10:14 AM
Striker:WG Striker:WG is offline
Sage Aficionado
 
Join Date: Oct 2008
Posts: 435
Have you confirmed that your server IPs haven't changed on your internal network? If you don't have static IPs set you might be port forwarding to the wrong IP.
Reply With Quote
  #5  
Old 08-05-2021, 12:30 PM
Tiki's Avatar
Tiki Tiki is offline
Sage Icon
 
Join Date: Feb 2005
Location: Southwest Florida, USA
Posts: 1,991
Did you configure port forwarding on your router with the correct ports?
Have you ever been able to access your servers from outside your home network?
__________________
Server: Ryzen 2400G with integrated graphics, ASRock X470 Taichi Motherboard, HDMI output to Vizio 1080p LCD, Win10-64Bit (Professional), 16GB RAM
Capture Devices (7 tuners): Colossus (x1), HDHR Prime (x2)
,USBUIRT (multi-zone)
Source:
Comcast/Xfinity X1 Cable
Primary Client: Server Other Clients: (1) HD200, (1) HD300
Retired Equipment: MediaMVP, PVR150 (x2), PVR150MCE,
HDHR, HVR-2250, HD-PVR
Reply With Quote
  #6  
Old 08-05-2021, 06:18 PM
waynedunham waynedunham is offline
Sage Icon
 
Join Date: Sep 2004
Posts: 1,466
Quote:
Originally Posted by wnjj View Post
Did your ISP make any changes? Can you get to anything non-SageTV from outside?
Yes, I can now get to both of those machines via TeamViewer (remote access control) from both inside and outside.
__________________
Wayne Dunham
Reply With Quote
  #7  
Old 08-05-2021, 06:21 PM
waynedunham waynedunham is offline
Sage Icon
 
Join Date: Sep 2004
Posts: 1,466
Quote:
Originally Posted by Striker:WG View Post
Have you confirmed that your server IPs haven't changed on your internal network? If you don't have static IPs set you might be port forwarding to the wrong IP.
One machine did change its IP. I forgot that since the last time I used remote access I'd changed the motherboard in that machine so the IP changed.
I fixed that in the router, i.e. I changed all the SageTV ports to the new IP.

However that doesn't help on the 2nd server whose IP did not change.

The port settings in the router had been working fine for years prior to this latest Maine trip. Although the last time I used it was last fall around October. It was working fine for both servers at that time.
__________________
Wayne Dunham
Reply With Quote
  #8  
Old 08-05-2021, 06:25 PM
waynedunham waynedunham is offline
Sage Icon
 
Join Date: Sep 2004
Posts: 1,466
Quote:
Originally Posted by Tiki View Post
Did you configure port forwarding on your router with the correct ports?
Have you ever been able to access your servers from outside your home network?
I've had the same port settings in the router for years now. As mentioned in the previous reply I did have to change the settings over to the proper IP of one the machines that had a motherboard replacement since last falls trip to Maine.

I was lulled into a false sense of security since access from my side of the router from both wired and wireless connections had been working fine. I didn't check remote access before I left for Maine.
Although even if I had it wouldn't have made any difference since I've been sttruggling with this since I got back from Maine.
__________________
Wayne Dunham
Reply With Quote
  #9  
Old 08-05-2021, 07:15 PM
hb4 hb4 is offline
Sage Aficionado
 
Join Date: Sep 2008
Location: Seattle, Wa
Posts: 342
If you can't get in from any remote connection - like Transceiver which I've found pretty easy to deploy - then it doesn't seem like it's particularly a Sage thing. I've been using Placeshifter client, HD-300, and now the Firestick with no problems through router changes and whatever Comcast does to the IP address for a non-dedicated account. If the Placeshifter test comes back positive, I've always been able to use my PS username and password to get through.
__________________
Server: Intel i5-11400 @4.4GHz 6 cores Windows10 Pro, Sage 9.2.6.976, Comskip Donators
Capture: Now> Xfinity/TVEverywhere/Channels OpenDCT_0.5.32_x86.
Future> remote HDHR Prime with Firmware version 20150826
Storage: 120gB SSD, 4tB HD on Server
Network: Now> gb LAN; Future> 500Mb Comcast to WAN to 20Mb rural ISP.
Playback: FireStick 4K, miniclient V1.9.3
Tech Level: Hobbyist
Reply With Quote
  #10  
Old 08-06-2021, 07:52 AM
sic0048 sic0048 is offline
Sage Icon
 
Join Date: Nov 2007
Posts: 1,372
[soapbox]
After years of using the port forwarding method, a few years ago I finally decided to create a VPN server and now I use it to access my network remotely.

There are two types of VPN systems that you might read about. The most common one that comes up in internet searches is when you send your home network's outgoing data through a "free" or paid third party VPN service in an effort to obscure and protect your information. This is NOT the type of VPN service I am speaking of.

The second type of VPN service is when you set up our own VPN server on your network (generally in the router/firewall appliance). OpenVPN is probably the most commonly used software and many routers have this built into their devices. This server creates a encryption file that you have to download to each device you want to connect remotely with. People trying to connect to the VPN server will have to have a valid user name and password, but also have a valid encryption file as well. It's this extra layer of encryption that provides the much needed security to prevent unauthorized access.

I even have the VPN software loaded on the Firestick I travel with. So when I am traveling, I can simply connect to my home network using the VPN app and then the SageTV app will work as normal without having to forward any ports on my router. This is because by using the VPN connection, the Firestick (or any other device you connect with) will appear on the home network as a local device. So whatever local settings you use while at home (basically just entering the SageTV server's local IP address) will work through the VPN connection.

When you forward ports, there is zero encryption being used. At best, you are a hard password away from having anyone access your devices, but if there is a known exploit the access might be much easier than that. Add to that the fact that most people are using duplicate or easy to remember passwords, it really is a very insecure way of accessing your devices remotely.

I was surprised how easy it was to set up my VPN. I wish I had done it long ago.

PS - If people aren't using a password management system like BitWarden, they really need to as well. There is no way someone can create and remember unique, hard passwords for every logon they need. Using something like Bitwarden is actually faster because it will generally automatically fill in user names and passwords for me. So not only are my logons much more secure, but I can access sites quicker than before when I simply used the same 3-4 passwords for everything.
[/soapbox]
__________________
i7-6700 server with about 10tb of space currently
SageTV v9 (64bit)
Ceton InfiniTV ETH 6 cable card tuner (Spectrum cable)
OpenDCT
HD-300 HD Extenders (hooked to my whole-house A/V system for synched playback on multiple TVs - great during a Superbowl party)
Amazon Firestick 4k and Nvidia Shield using the MiniClient
Using CQC to control it all

Last edited by sic0048; 08-09-2021 at 09:52 AM.
Reply With Quote
  #11  
Old 08-06-2021, 08:54 PM
Striker:WG Striker:WG is offline
Sage Aficionado
 
Join Date: Oct 2008
Posts: 435
I will put in a plug for pfsense here. It is a free router application that you can install on an old PC. As long as it has two network connections in it, you can use it as a router. It installs a customized version of FreeBSD and provides a web interface for management.

I run several openvpn servers on it depending upon what type of device I want to access my home network and how. In addition, it also runs VPN clients so I can route outgoing traffic through a NordVPN account. They have a support forum that has a very knowledgeable community. If you are interested in elevating your network setup it is definitely worth looking into.
Reply With Quote
  #12  
Old 08-07-2021, 11:08 AM
waynedunham waynedunham is offline
Sage Icon
 
Join Date: Sep 2004
Posts: 1,466
Quote:
Originally Posted by sic0048 View Post
[soapbox]
After years of using the port forwarding method, a few years ago I finally decided to create a VPN server and now I use it to access my network remotely.

[/soapbox]
I know it isn't on the machine end, but my cellphone creates a VPN connection for the cell line, and I'm assuming this carries through when I make a hotspot of my cell connection on the phone and connect to it with another device (my tablet)
Is that something that can/should work? The reason I ask is that if it is supposed to work then it isn't because that is how I was trying to remotely connect while on vacation. Both on the hotspot with my tablet, and also just using the cell connection on the cellphone. Neither case would work.
__________________
Wayne Dunham
Reply With Quote
  #13  
Old 08-07-2021, 11:51 AM
waynedunham waynedunham is offline
Sage Icon
 
Join Date: Sep 2004
Posts: 1,466
I'm such a doofus!!!

Such a simple solution. Not sure when this happened, but at some point my IP for my router that the outside world sees got changed. No firmware updates or anything in the period between when it was working and now that it wasn't for remote connection to the webserver.(and my webswitch as well)

Anyway. I went onto dyndns and checked the settings for the "dvrdns.org" that I'd set up. In the IP address line it had a different one than what it said underneath that box for what my current IP was. Since it wasn't the machine I was trying to connect to I said "who cares" initially.

So I went to both of the server machines and did a search on "what is my IP address" and both machines came up with the same IP that dyndns said was my current IP.
That's when the little 3watt lightbulb (about all I have left at this point) in my head went off and I said "Ahhh, it's the router IP, not the specific machine IP"

Changed it to my current IP as reported by dyndns and everything is working again!!

I will have to look into the VPN option, but for now it's working again.

Now I have to look and see if there's a way to lock my IP on the router and/or what dyndns and the internet see.
__________________
Wayne Dunham
Reply With Quote
  #14  
Old 08-07-2021, 01:36 PM
Striker:WG Striker:WG is offline
Sage Aficionado
 
Join Date: Oct 2008
Posts: 435
Unless you are paying for a static IP from your internet provider, you don't have any control over the external IP that is assigned to you. It is given at the discretion of your ISP.

The point of using a dynamic DNS service is to automatically update the DNS records to point to your current IP. If everything is setup correctly then you should be connecting to your dvrdns.org not to your IP.

The VPN you are describing on your phone will likely protect the traffic leaving your phone but it won't be doing anything to protect your home systems.
Reply With Quote
  #15  
Old 08-07-2021, 07:22 PM
waynedunham waynedunham is offline
Sage Icon
 
Join Date: Sep 2004
Posts: 1,466
Quote:
Originally Posted by Striker:WG View Post
Unless you are paying for a static IP from your internet provider, you don't have any control over the external IP that is assigned to you. It is given at the discretion of your ISP.

The point of using a dynamic DNS service is to automatically update the DNS records to point to your current IP. If everything is setup correctly then you should be connecting to your dvrdns.org not to your IP.

The VPN you are describing on your phone will likely protect the traffic leaving your phone but it won't be doing anything to protect your home systems.
It appears there may be something broken in the DYNUPDATER program on my main machine. That is supposed to automatically change the DNS I have set up on DYNDNS any time my ISP changes my IP.
It isn't doing that even though from the taskbar everything looks OK. However I can't get the updater configuration tool to run. To me that might mean it isn't communicating with DYNDNS to make said changes.
So I may have to uninstall/reinstall the updater program to get it working again. I think I'll put it on one of the SageTV servers which run 24/7/365 rather than my "main" machine which is usually run 24/7, but I usually turn it off while I'm out of town.

RE: the VPN on my phone. I wasn't looking to have it protect my other machines, merely asking if that could/should have allowed the connection to my remote machine. Since my router's IP was wrong on DYNDNS I now see that never would have happened.
__________________
Wayne Dunham
Reply With Quote
  #16  
Old 08-07-2021, 11:12 PM
hb4 hb4 is offline
Sage Aficionado
 
Join Date: Sep 2008
Location: Seattle, Wa
Posts: 342
So... any reason why you're not using a Placeshifter connection?
__________________
Server: Intel i5-11400 @4.4GHz 6 cores Windows10 Pro, Sage 9.2.6.976, Comskip Donators
Capture: Now> Xfinity/TVEverywhere/Channels OpenDCT_0.5.32_x86.
Future> remote HDHR Prime with Firmware version 20150826
Storage: 120gB SSD, 4tB HD on Server
Network: Now> gb LAN; Future> 500Mb Comcast to WAN to 20Mb rural ISP.
Playback: FireStick 4K, miniclient V1.9.3
Tech Level: Hobbyist
Reply With Quote
  #17  
Old 08-08-2021, 06:27 PM
waynedunham waynedunham is offline
Sage Icon
 
Join Date: Sep 2004
Posts: 1,466
Quote:
Originally Posted by hb4 View Post
So... any reason why you're not using a Placeshifter connection?
2 main reasons, first and foremost because I'm accessing from my tablet when I'm remote, so no Windows/Linux OS to install the client. Secondly when remote I'm merely looking to monitor and adjust my recording schedule with no viewing of any recordings due to bandwidth limits on my remote connection.
Plus without knowing more about it, from the little I "think" I know it probably wouldn't have made a difference since I couldn't get to my machines from remote at all anyway.
__________________
Wayne Dunham
Reply With Quote
  #18  
Old 08-09-2021, 09:59 AM
sic0048 sic0048 is offline
Sage Icon
 
Join Date: Nov 2007
Posts: 1,372
Quote:
Originally Posted by waynedunham View Post
It appears there may be something broken in the DYNUPDATER program on my main machine. That is supposed to automatically change the DNS I have set up on DYNDNS any time my ISP changes my IP.
It isn't doing that even though from the taskbar everything looks OK. However I can't get the updater configuration tool to run. To me that might mean it isn't communicating with DYNDNS to make said changes.
So I may have to uninstall/reinstall the updater program to get it working again. I think I'll put it on one of the SageTV servers which run 24/7/365 rather than my "main" machine which is usually run 24/7, but I usually turn it off while I'm out of town.
You can also check to see if your router/firewall has a DNS updater service available on it. Many times it is, especially if you are using the most popular commercial options out there - like DYNDNS. This way you let the router handle the IP address updating process because it is always running.

The whole idea with the DNS forwarder is that you point your device to a constant web address like "sic0048.dnydns.org" and the forwarding service will connect to my home network regardless of the actual IP address of my home network. Of course as you found out, your system must be functioning properly and updating the forwarding service anytime your home network's public IP address changes.

Even if you use a VPN connection, you still need to rely on a DNS forwarding service if your home network isn't on a static puplic IP address (and most residential services don't provide that or charge a lot of extra money for it).
__________________
i7-6700 server with about 10tb of space currently
SageTV v9 (64bit)
Ceton InfiniTV ETH 6 cable card tuner (Spectrum cable)
OpenDCT
HD-300 HD Extenders (hooked to my whole-house A/V system for synched playback on multiple TVs - great during a Superbowl party)
Amazon Firestick 4k and Nvidia Shield using the MiniClient
Using CQC to control it all

Last edited by sic0048; 08-09-2021 at 10:02 AM.
Reply With Quote
  #19  
Old 08-09-2021, 10:54 AM
hb4 hb4 is offline
Sage Aficionado
 
Join Date: Sep 2008
Location: Seattle, Wa
Posts: 342
Quote:
Originally Posted by waynedunham View Post
2 main reasons, first and foremost because I'm accessing from my tablet when I'm remote, so no Windows/Linux OS to install the client.
I have the Android miniclient on my phone; it uses the Placeshifter login/locator service. But I'm guessing your tablet is Apple.
__________________
Server: Intel i5-11400 @4.4GHz 6 cores Windows10 Pro, Sage 9.2.6.976, Comskip Donators
Capture: Now> Xfinity/TVEverywhere/Channels OpenDCT_0.5.32_x86.
Future> remote HDHR Prime with Firmware version 20150826
Storage: 120gB SSD, 4tB HD on Server
Network: Now> gb LAN; Future> 500Mb Comcast to WAN to 20Mb rural ISP.
Playback: FireStick 4K, miniclient V1.9.3
Tech Level: Hobbyist
Reply With Quote
  #20  
Old 08-17-2021, 02:33 PM
KeithAbbott KeithAbbott is online now
Sage Icon
 
Join Date: Oct 2009
Location: Southeastern Michigan
Posts: 1,306
Quote:
Originally Posted by sic0048 View Post
PS - If people aren't using a password management system like BitWarden, they really need to as well. There is no way someone can create and remember unique, hard passwords for every logon they need. Using something like Bitwarden is actually faster because it will generally automatically fill in user names and passwords for me. So not only are my logons much more secure, but I can access sites quicker than before when I simply used the same 3-4 passwords for everything.
I've been doing some checking into Bitwarden, and have imported all of my bookmarks into BW (sure wish they had a way to sync browser bookmarks with vault entries). Now I'm turning my attention to sites that I have a logon established at. Before I get too far, I want to make sure that I have a usable backup copy of all of my website URLs, logon IDs and passwords on the off-chance that bad things happen to Bitwarden. My thought is to periodically export the BW vault to a temporary .csv file, and then make an encrypted .zip or .7z file using 7-Zip's AES-256 encryption method. That way, if BW were to suffer a DDoS attack (or whatever else), I would have almost immediate access to my userIDs and passwords from my most recent backup copy. Any thoughts or suggestions on a better way to accomplish the goal?
__________________
Server: MSI Z270 SLI Plus ATX Motherboard, Intel i7-7700T CPU, 32GB Memory, Unraid 6.9.2, sagetvopen-sagetv-server-opendct-java11 Docker
Tuners: 2 x SiliconDust HDHomeRun Prime Cable TV Tuners, SiliconDust HDHomeRun CONNECT 4K OTA Tuner
Clients: Multiple HD300 Extenders, Multiple Fire TV Stick 4K Max w/MiniClient
Miscellaneous: Multiple Sony RM-VLZ620 Universal Remote Controls

Last edited by KeithAbbott; 08-17-2021 at 02:36 PM.
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Access WebUI? I keep getting forbidden weeber SageTV for unRAID/Docker 6 10-13-2019 08:17 AM
Remote access via Placeshifter hb4 SageTV for unRAID/Docker 3 03-16-2017 05:58 PM
Remote Drive Access? jimbruskalski SageTV Software 29 05-17-2006 10:14 AM
Networking and Remote Access akenis General Discussion 1 10-27-2005 04:53 PM
Remote Access to Sage?? tangfj SageTV Customizations 2 10-03-2005 02:01 PM


All times are GMT -6. The time now is 05:21 AM.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2022, vBulletin Solutions Inc.
Copyright 2003-2005 SageTV, LLC. All rights reserved.