I want EMBY behind a vpn for remote connections but not sure if remote users are going to take a big performance hit. Can have 5-10 remote connections sometimes.
Too many unknowns to answer this. VPN can have a big impact, or it could have an insignificant impact. Finding a protocol that doesn’t affect performance very much and is supported by all your client devices needs experimentation. If I wanted to implement it for some reason, I suppose I’d try WireGuard first.
Try it?
All VPN providers have a trial or monthly fee.
I only use mine for music when I am gone and it works great streaming FLAC. I have my domain set up with Cloudflare, then use NginxProxyManager on my server. Easy to set up and works great. Next time I am at the office, I’ll try watching some 1080p stuff and see how it works.
I tried to do this and I could never figure it out. I think my VPN blocks port forwarding and I can’t do it because of that.
So a few things to take in to consideration:
- The Public IP you get from your VPN can change, meaning you’d need to setup a DDNS service to keep a DNS name updated with the changes.
- Some VPNs, you share a public IP with other people.
- VPNs often throttle connection speeds, so even if you left any speed limits disabled, you may still have issues streaming to multiple people.
- Port forwarding. You may not be able to accomplish this.
My question for you is: Why do you want to put Emby behind a VPN? Are you planning on routing your entire internet connection at home through a VPN?
Maybe ZeroTier will be the better solution, as long as your server will only need to be accessible to selected clients via a tunnel from the outside of your NAT.
Ya sounds like a trial and error process. Thanks
I’m interested in the cloud flare route. I haven’t explored your setup at all but I think I will.
Oh I have a plan for how to use ddns with vpn. Currently I have a domain name that points to a DDNS hostname that points to my public IP. If I put up a vpn there is a tool to update the ddns hostname with my vpn ip. I’m not worried about connectivity so much as performance.
Hey, I have a domain name with cname record pointing to a ddns hostname which points to my public ip. I have this setup so I can use certificate with Emby. The only thing more I want is to hide my public ip from remote users. For security and privacy. So either need vpn or a proxy like cloudflare I guess. I only intend to route my Emby server this way. Everything else doesn’t need to hide behind anything.
I followed an IBRACORP! youtube video on it (as I use unRaid for my server) super easy and quick to set up.
Your vpn provider still has to support port forwarding. Some VPN providers do. Most don’t.
Performance will greatly depend on the bandwidth of the vpn host though for performance. Keep in mind cheap VPNs are cheap because they significantly over subscribe their hosts.
I like airvpn, they report usage of their hosts and support port forwarding.
Or you can get a cheap VPS on vultr or digital ocean and roll your own vpn server.
Ahhh ok. That makes sense.
Since you only want to route your Emby traffic through that, you’d need to setup firewall rules to forward just that traffic through a VPN gateway. Depending on your network setup, it might not be possible.
I do something similar, but for a torrent client. Only that traffic routes through that. I had to setup a specific gateway, and firewall rules though. I use PFSense which is a SOHO router solution. Setting up DDNS on just that connection might be a bigger challenge though too…
Wish I could offer better help.
Doesn’t the port forwarding happen on my network? I’m forwarding incoming traffic from standard internet port 443 to whatever I have setup on Emby. Not sure where the vpn port forwarding plays in. I’ll double check that. I use PIA btw which supports port forwarding.
If you want your users to come in via the VPN… the port forwarding hast to be on on the vpn provider side. Your end user targets the VPN Public IP and the exposed port. The VPN provider forwards/translates that port to your server(emby).
IIRC PIA’s port forwarding is dynamic. They give you a different port every time you connect. But I haven’t played with PIA in quite awhile, maybe they changed it.
I’m pretty sure OP is talking about hosting a VPN server inside his/her network and not a commercial VPN like Nord or similar that you are talking about.
PIA is a vpn provider
You’re right, I didn’t read his whole reply. Good catch.