PDA

View Full Version : How to access SqueezeCenter from outside? (NAT)



staalelor
2008-05-23, 12:35
Hello.
I need to know what ports (TCP,UDP) to forward in and out from my
NAT'ed network at home, to anywhere.
I need to be able to connect other Duets to my own SqueezeCenter.

I forward TCP 9000 and TCP/UDP 3483 now. Not enough I figure?

Mnyb
2008-05-23, 12:53
I have TCP/UDP 9000 and TCP/UDP 3483 and also TCP/UDP on 9090 but i think that is unecessary.

That should be it.

dont forget to use your external ip when surfing to your server.

apb
2008-05-23, 13:38
This seems like a great idea. However, I'm very suspicious about opening up ports to the world like that. It would be nice if there were ports that could be made available that had limited accessibility (like not being able to see or use the SC settings) and also requiring a password would very nice (don't necessarily want to give away my entire music collection to the whole world). Can SC be set to work with https URLs only -- that would probably satisfy many of the security issues on the 9000 port? For instance, from the settings page one can browse the entire file structure on your computer trivially. Maybe there are already work-arounds for these issues, I'm still fairly new to this.

I assume the 3483 port is for the actual streaming content. If this is one way from server to client, then it's probably not too bad, but if bidirectional, then it probably opens up even more potential security holes. Has anyone looked into this or can speak from a position of knowledge about how big a security issue opening up this port would be?

staalelor
2008-05-23, 13:47
Yeah, I'm using password protection inside the SqueezeServer. Totally trusting that security. I'm not sure how secure I really am though.

Mnyb
2008-05-23, 13:58
Yeah, I'm using password protection inside the SqueezeServer. Totally trusting that security. I'm not sure how secure I really am though.

Thats not much security me thinks, my protections is that my server is for music only (no sensitive stuff there), and I use wol over internet, so it's not on while i'm not listening, even when i'm not at home.

I have ofcourse a firewall on the server to

No point in protecting music it is aviable much faster on any torrent site, or other downloads.

There are ways so that you can use SSH tunneling to Softsqueeze, thats probably secure. But I've never found any comprehensive guide on how to do that.