Inability to access Roon ARC (ref#CDQD1P)

Richard_Gilbert1 · November 11, 2024, 8:48pm

What’s happening?

· I'm having trouble with Roon ARC

What best describes your issue with ARC

· I can't log into ARC but I can log into Roon

Describe the issue

Cannot access roon arc

Describe your network setup

Xfinity modem with ASUS 5300 router

Wade_Oram · November 11, 2024, 9:03pm

Can you post a copy of the diagnostic text shown in the Roon client (not ARC) when you go to Roon → Settings → Roon ARC.

Richard_Gilbert1 · November 11, 2024, 9:16pm

{
“ipv4_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“71.aaa.bbb.ccc”,“actual_external_ipv6”:“null”,“router_external_ip”:“10.0.0.18”},
“status”: “status”: MultipleNatFound
,
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“server_ip”:“192.168.1.1”,“found_upnp”:true}
}

benjamin · November 11, 2024, 9:41pm

Hey @Richard_Gilbert1,

Thanks for writing in and sharing your report! The two important things to take note if in your error log are:

and

The port forwarding diagnostics you’ve provided suggest there is a redundant layer of network address translation preventing port forwarding. This prevents ARC from recognizing the external IP address of your home network.

The second layer of NAT can either be at the local-network level (commonly as a result of two routers), or at the level of your service provider (called “carrier-grade” NAT, or CG-NAT).

If your setup involves an ISP-provided gateway (modem/router combination) and your own third-party router:

In the web administration interface of the ISP-provided gateway (modem/router combination), enable Bridge Mode or equivalent, where the ISP-provided gateway does not have DHCP routing enabled.
Alternatively, if you have already created a manual port forwarding rule in your 3rd-party router, you can add an additional rule to forward the port through the ISP/second router.

If you only have one router in your setup or your modem is already in Bridge mode, please take a look through our list of known router and internet service provider solutions, as other users may have already encountered the same situation: ISPs and Routers: List of Known Solutions and Workarounds.

You can reach out directly to your service provider to ask if they support port forwarding; this question will often enough to prompt them to explain whether or not the carrier-grade NAT they’ve implemented can function with ARC.

Wade_Oram · November 11, 2024, 10:05pm

In addition to the comments from @benjamin above, I can see non-routable ip addresses in two different subnets (10.0.0.0/24 and 192.168.1.0/24).

This tells me that you have two routers on your local network which would cause the MultipleNATFound error.

This, coupled with the other ip address (71.aaa.bbb.ccc) suggests that CG-NAT is not involved but doesn’t eliminate it as a possibility.

Richard_Gilbert1 · November 11, 2024, 10:28pm

I have an ASUS mesh router system with three routers around the house.

The Roon ARC was working fine until Xfinity changed my modem to a newer model. I think this could be the problem perhaps related to the Bridge mode not being enabled. I’ll start with that.

Thanks

Wade_Oram · November 12, 2024, 8:20am

Your mesh system may have three identical router devices - but it is almost certain that only one of them is configured to perform routing functions. The others just act as mesh nodes (effectively access points).

The two ‘routers’ that you have in your network will be the Xfinity ‘modem’ and the primary Asus mesh router (hopefully, the one connected by ethernet to the Xfinity modem).

There are two ways to elliminate the double NAT on you local network:

Set the Xfinity router to ‘bridge’ mode (sometimes called ‘modem only’ mode). This is probably the way that the old Xfinity router was configured. All routing and security features will be handled by the primary Asus Router.
Change the primary Asus router to work in access point mode. All routing and security features will be handled by the Xfinity Modem/Router.

Once either of these are done, then you should have only one NAT layer in your local network. You should then be able to configure uPnP or explicit port forwarding on the remaining router (the Asus router in case [1] and the Xfinity router in case [2] above).

Alternatively, you may wish to skip port forwarding altogether and use Tailscale instead. If you do this, the Roon Client Roon ARC settings page will continue to report the error but that will not matter. Tailscale will work with CG-NAT as well.

If you have a Nucleus or Nucleus Plus (or a ROCK system using bios boot), then the latest version of RoonOS that you can run is build 259 which does not support Tailscale on the Roon Server machine. In this case, to use Tailscale you will have to set it up as a Subnet Router on a different, always on, computer - possibly a Raspberry pi if you have one.

connor · November 13, 2024, 12:03am

Hi @Richard_Gilbert1,

If you’re using a Windows or MacOS RoonServer machine, the simplest solution is to install Tailscale. This will traverse all NAT layers as necessary and securely to allow ARC to connect.

See here:

system · November 14, 2024, 12:03pm

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.