Roon Nucleus with no additional internal storage and latest software. Purchased a few weeks ago.
Networking Gear & Setup Details
Third Floor: The Roon Nucleus is connected by CAT6 Ethernet cable to a Luxul 12-port/8 PoE+ Gigabit Managed Switch model AMS-1208P. I have a M1 Mac Mini (2020, 8 GB, OS Monterey version 12.2.1) connected by ethernet to the switch.
Ground Floor: The managed switch is connected by CAT6 Ethernet cable to a Luxul 26-port/24 PoE+ Gigabit Managed Switch model AMS-2624P. This switch is plugged by CAT6 cable to a Xfinity xFI Gateway Router model name CGM4331COM by vendor Technicolor.
Connected Audio Devices
The 2 USB ports on the back of the Nucleus are used by my Amicool USB External DVD Drive (Amazon) and a Seagate 5 TB external desktop HDD model SRD0NF2.
The Roon remotes for DACs, Amps and Sonos speakers are an iPhone 13 Max and a 2019 12.9 inch iPad.
Number of Tracks in Library
5000+ tracks
Description of Issue
On several days of using my Roon account, I get a security alert stating that someone has logged in to my account in New York. I donât live in New York. This warming has prompted me to change my username a few times now on the Roon website. It happened again today. I have been letting the Apple iPhone software pick out complex passwords for me. Any advice?
Whatâs the exact message? Does it mention an IP address? Time of day? Do you use a VPN? If there is a date stamp of the login attempt, have you been using your phone at that moment? Have you given anybody you know your login/password to Roon that could be triggering these alerts?
Another possibility is that your ISP is peering or terminating traffic in New York, so to Roon it appears that the login is coming from there. I have a number of services believe I am in Chicago and I am nowhere near it, itâs just where my internet interconnection terminates to that service.
This is the message I get. I have a VPN. I donât know if I was using my phone at the moment that the message was generated. No one should know my login but me. I havenât shared it with anyone.
@Robert_F, How could I find out if my ISP is peering or terminating traffic in New York?
Craig, Iâm not sure how to definitively test this. I work in telecommunications and have worked with all the major telecom providers and know many of the facilities where they terminate (e.g., my mobile and fiber connections both terminate in Chicago as I noted above, and I am served a lot of local Chicago area ads on my phone and laptop web browser vs. other locations).
Are you still having the issue? It seems as though the VPN may terminate in New York.
Thanks for the advice. The VPN is turned off on my phone. When I logged onto community.roonlabs.com, I got this warning email:
New sign in detected
A new device from New York City, New York, United States of America just signed in to your Roon account. If this was you, you donât need to do anything.
Note: Your location may be inaccurate since it was estimated using your IP address.
If this doesnât sound right, please let us know by replying to this email, or visit this pageto reset your password.
Does this email warning occur only when you sign in? I use some secure settings on my web browser and need to log into the forum daily. I received a similar email every time I log in. If this is consistent with when you log into Roon or the forum, then itâs probably nothing to worry about.
The VPN has been turned off for a couple weeks now. Iâm still getting the attempted login alerts. The last message was Wednesday stating that a login attempt was made in Charlotte, North Carolina, USA. I donât live there.
I believe itâs capturing the forum and Core logins. My guess is your ISP is terminating in Charlotte which is a large peering and interconnection point on the internet for a number of major service providers.
