Posts: 7
Joined: Sep 2016
Reputation:
0
I have Kodi running on a Debian server. I have a VPN connection on this machine using OpenVPN and everything works perfectly. I'm try to use ipsec via strongswan rather than openvpn due to performance benefits, but I find that this interferes with Kore and other remote apps from connecting.
I know local traffic to the server is working since I can ssh into it.
So I'm thinking it might be that strongswan is blocking a port, but it uses 4500, 500, and 68, none of which are ports Kodi is documented as using (as far as I can find).
Any thoughts about this?
Posts: 4,498
Joined: Jan 2011
Reputation:
150
DaVu
Team-Kodi Member
Posts: 4,498
2018-03-24, 14:27
(This post was last modified: 2018-03-24, 14:28 by DaVu.)
Not sure if that helps. For using Kore Kodis webserver has to be enabled. Kore (as well as Yatse) are sending json-requests to the webserver. So you probably need to open port 80 (might also be 8080 by default) or configure the webserver at the Kodi settings to use another port and open that for incoming traffic.
Posts: 7
Joined: Sep 2016
Reputation:
0
The web interface is enabled, it works perfectly until I start ipsec. But all of my other local traffic works, even the chorus webui through my browser. The only thing that doesn't work is Kore, yaste, etc. So the remote apps must require something that ipsec interrupts, but I can't pinpoint what that is.
Posts: 548
Joined: Dec 2011
Reputation:
28
Thats just normal.
If you connect to your vpn, your pc get a ip adress of your target vpn network. the webserver which is used will have this ip adress, too.
your smartphone is not in this ip range and so it cannot connect.
solution is to connect with your smartphone to the same vpn.
Posts: 7
Joined: Sep 2016
Reputation:
0
2018-03-25, 01:48
(This post was last modified: 2018-03-25, 01:49 by nosmokingbandit.)
That is not correct since I'm connecting locally, and I know that is possible because ssh works using local ip, and the chorus webui works using the local ip. As I said before, the only thing that changes when using ipsec instead of openvpn is Kore stops connecting. Everything else works perfectly.
Posts: 19,982
Joined: May 2009
Reputation:
451
nickr
Retired Team-Kodi Member
Posts: 19,982
ipsec could be changing all sorts of things, routing, ip addresses, name resolution etc.
All network debugging starts with ping - can you ping the debian machine from your phone (I assume a phone, could be a tablet). By ip address? By name?
If so, can you telnet from the phone to port 80 or 8080 or wherever you are running the kodi webserver?
What does the very useful android tool fing tell you?
If I have helped you or increased your knowledge, click the 'thumbs up' button to give thanks :) (People with less than 20 posts won't see the "thumbs up" button.)
