Roon ARC and VPNs, again

I have been able to connect through Roon ARC as long as I do not connect through ProtonVPN. Turn on ProtonVPN, ARC disconnects, turn it off, it connects, rinse, repeat.

I listened to the Darko podcast about Roon ARC and Eeno said a forwarded port is not much of a security risk because the port only allows Roon ARC in. I am not enough of a network person to know if this is the case, but it doesn’t matter for me. ProtonVPN closes all local ports and at least the Mac version has no option to forward ports.

Maybe someone can suggest a way to get ARC to connect through the industrial-strength VPN that is Proton.

1 Like

I’m not familiar with Proton, but if you use VPN, you shouldn’t need port forwarding. I am now using OpenVPN on the router and ARC works fine as long as I am connected to it on the mobile device.

Right, for a VPN running on the router, a user running that VPN can get access to the local network behind it.

Proton is a subscription VPN connected through the machine itself, and it closes all local ports. So forwarding port 55000 on the router doesn’t do anything. Once the VPN is engaged, it blocks that port too. A secure connection, to be sure, but it limits ARC’s range.

Understood. What you need to do is connect the device to your VPN, using either a Proton VPN client or your device OS’s VPN support. Once the device has access to the local network, there’s no need for port forwarding.

I use Proton VPN, and Roon ARC works absolutely fine on iOS.

However, a good start would be to describe your core machine–is Proton running on this?–, your network, remotes, and what device runs Roon ARC.

Furthermore, please share your Proton VPN settings, e.g., moderate NAT, kill switch etc.

My Roon Core is an M1 Mac mini running Ventura. ProtonVPN runs on this machine.

ARC is on an iPhone 13 running iOS 16.1. ProtonVPN runs on this also. The app setting to allow LAN connections is set to on.

It is a bit odd, and I just realized, that ARC will play music through the phone, even while the Mac mini reports that ‘Roon ARC was unable to securely access your Roon core.’ I am still on my local network, maybe that’s why?

Turn off WiFi on the phone to make sure you’re not on your local network and see what happens. If the phone is connected to the VPN, ARC should work, regardless of the port setting.

I’ve just run up a core on a MacBook, and I can replicate the problem. Unfortunately, there is currently no solution for macOS; the Windows app allows port forwarding, but this is currently unavailable for Linux and macOS.

You’ll note that your IP changes when connected to Proton VPN, i.e., it adds another NAT layer. It may be possible to circumvent this issue using the command line, so it may be worthwhile reaching out to Proton support.

Edit: See this thread on Reddit re. Linux and macOS clients.

I appreciate your efforts to dig in on this issue. The situation creates a tradeoff between the security of using a VPN and the utility of listening to one’s music while outside the home. I need to stick with security but I could see others making a different choice.

1 Like

You could consider moving your core to a NUC running ROCK.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.