Post-update connectivity issues with iPad and iPhone to Roon on QNAP NAS (ref#8985UP)

Support
21

Hi @Alan_C,

Thank you for your patience.

Just to clarify, you’re not able to login to Roon in a browser outside of the app, even on an entirely separate network?

That would indicate that there’s some network-level filtering preventing authorization requests from reaching our servers. But you don’t have issues logging into Roon Community?

The QNAP itself show Roon Server online in the Docker, so we need to confirm that the network mode is in Host. When you first created the Container for Roon, did the YAML file include network_mode: host ?

22

Hi, Connor,

Thank you for your note.

On May 1, Benjamin advised me to log into account.roonlabs.com and to deauthorize machine ID 2f91535b. The issue is that I cannot log into that site. My logon information clears without an error message. However, I receive a Roon Security Alert that says, “New sign in detected.”

I have tried logging on from my iPad, iPhone, and hard wired PC. I have disabled pop up blocking, tried incognitio mode, cleared browser history, tried different WiFi networks, and downloaded Firefox, which I had never used before so there was no browser history to clear.

I think it is important to mention that my attempt to logon to account.roonlabs.com cleared without an error message even when I turned off WiFi on my phone and used cellular. That makes me think there is not an issue with network-level filtering in my set up. In fact, in Benjamin’s note of May 1, he wrote “The root cause is not a network problem and not a firewall issue. The logs reveal a specific Roon account/licensing conflict triggered by the April 27 update.” He goes on to recommend the machine deauthorization I mentioned above.

Please also see my note to Vadim of April 29. I provided what I thought might be the YAML there. If it’s not, please let me know how to find the YAML on my QNAP NAS.

I can log onto the Roon Community—and all other sites I’ve visited—without a problem.

Thank you.

Alan

23

Hey @Alan_C,

Just for clarity sake, I want to ensure we’re still troubleshooting the same issues, as there are really two separate problems that have gotten tangled together:

  1. The licensing conflict: Roon's cloud has two machine registrations for the NAS ("ghost" ID 2f91535b and the live Docker ID fda9354b). This is what's blocking Roon Server from authenticating and why clients can't connect.
  2. The account portal login loop: you successfully authenticate (Roon sends a "New sign in detected" email), but the browser session never lands on the dashboard. This is a client-side session/cookie handling failure after login, not a network block. It's happening across every device and network including cellular.
On the machine deauthorization: I want to be transparent with you, the web account portal does not actually have an option to deauthorize a server machine ID. What it does have is the ability to force-logout Roon remote app sessions on other devices. So while gaining access to your web account in definitely important, it may not have any hand it helping your connectivity issues.

Since you’re on Windows 11 and this is failing across Chrome, Edge, and Firefox, this points to something system-level rather than browser-specific. A few things to check:

1. Comcast xFi Advanced Security Your Comcast gateway may have xFi Advanced Security enabled, Comcast activates this by default on many accounts and it can silently interfere with certain authentication flows. Log into the Xfinity app or
http://xfinity.com
, go to your network settings, and check whether “Advanced Security” is enabled. Try temporarily disabling it and retesting.

2. Windows Security / Third-party Antivirus If you have any security software on your PC (Norton, McAfee, Malwarebytes, Kaspersky, Bitdefender, etc.), they often include a “web protection” or “HTTPS scanning” feature that intercepts browser traffic. Try temporarily disabling web protection in whichever security suite you have installed, then retry the login.

3. Windows DNS-over-HTTPS Check Settings → Network & Internet → your active connection → DNS settings, if a custom encrypted DNS is configured at the OS level, try switching it back to Automatic.

You actually shared just the container log output, not a Docker Compose YAML file. It starts with:

Roon: 2.65 (build 1653) production
00:00:00.002 Info: get lock file path...

That’s runtime log output, not a YAML configuration file. On QNAP with Container Station, you can find it by:

  • Opening Container Station
  • Clicking on the Roon container
  • Looking for a "YAML" or "docker-compose" tab within the container details

Let me know if you’re able to locate and share it. Thank you!

24

Hi Benjamin,

Thank you for your note! I misunderstood the importance of the portal logon; I thought it was crucial to what I an interested in: re----connecting to Roon. I will follow your instructions and report back.

Best wishes,

Alan

25

Hi, Benjamin,

Here is what I have so far:

  1. I clicked on the Comcast Advanced Security tab, but the field was blank. I will call Comcast tomorrow.
  2. I inactivated Norton antivirus on my PC, but again the login cleared without an error message.
  3. DHCP is set to automatic and DNS is unencrypted.
  4. I was unable to find the YAML despite a diligent search. However, I did find information that includes the line “network_mode: host” about which Connor asked.

services:
roonserver:
image: Package roonserver · GitHub
container_name: roonserver
network_mode: host
environment:

  • ROON_INSTALL_BRANCH=production
  • TZ=America/Los_Angeles
    volumes:
  • /share/Container/roon:/Roon
  • /share/Music:/Music
  • /share/Container/roon-backups:/RoonBackups
    restart: unless-stopped
    logging:
    driver: local
26

Hi Benjamin,

Comcast told me that I don’t have advanced security activated.

Best wishes,

Alan

27

Hi Benjamin,

I have been unable to connect to Roon since 04/27 (6 weeks)! My goal is to reconnect. I understood that to do so, I would have to log into account.roonlabs.com to resolve the issue of a ghost machine. Logging on has proved impossible despite all the maneuvers I have tried, summarized below. Are you able to inactivate the ghost machine for me?

  • After the Roon update of late April, I was unable to connect to Roon. I was advised to create a container for Roon. After the container was created, the issue of a ghost machine was identified. I was instructed to log onto account.roonlabs.com to force logout from the ghost machine. I cannot log onto that account.

  • At account.roonlabs.com, authentication succeeds (confirmed by a “New sign-in detected” email immediately after each attempt).

  • Account portal login never completes (username/password clears and returns to login screen)

  • Issue occurs across multiple devices (iPad, hard-wired Windows desktop), multiple networks (including cellular), and multiple browsers cleared of cookies, browsing history, and pop-up blocking.

  • Disabling Norton antivirus does not resolve the issue.

  • No browser, cookie, DNS-related errors appear to be present because authentication is completing server-side. I do not use encrypted DNS.

  • Comcast/Xfinity confirmed I do not have advanced security enabled.

  • I haven’t encountered this issue at any other web site. I can connect to the QNAP NAS and access the Roon container there without any problems.

  • I could not locate the YAML,but I did find the line “network_mode: host” in information provided by the container.

Thank you!

Best wishes,

Alan