Roon Nucleus with no additional internal storage and latest software. Purchased a few weeks ago.
Networking Gear & Setup Details
Third Floor: The Roon Nucleus is connected by CAT6 Ethernet cable to a Luxul 12-port/8 PoE+ Gigabit Managed Switch model AMS-1208P. I have a M1 Mac Mini (2020, 8 GB, OS Monterey version 12.2.1) connected by ethernet to the switch.
Ground Floor: The managed switch is connected by CAT6 Ethernet cable to a Luxul 26-port/24 PoE+ Gigabit Managed Switch model AMS-2624P. This switch is plugged by CAT6 cable to a Xfinity xFI Gateway Router model name CGM4331COM by vendor Technicolor.
Connected Audio Devices
The 2 USB ports on the back of the Nucleus are used by my Amicool USB External DVD Drive (Amazon) and a Seagate 5 TB external desktop HDD model SRD0NF2.
The Roon remotes for DACs, Amps and Sonos speakers are an iPhone 13 Max and a 2019 12.9 inch iPad.
Number of Tracks in Library
Description of Issue
On several days of using my Roon account, I get a security alert stating that someone has logged in to my account in New York. I don’t live in New York. This warming has prompted me to change my username a few times now on the Roon website. It happened again today. I have been letting the Apple iPhone software pick out complex passwords for me. Any advice?
What’s the exact message? Does it mention an IP address? Time of day? Do you use a VPN? If there is a date stamp of the login attempt, have you been using your phone at that moment? Have you given anybody you know your login/password to Roon that could be triggering these alerts?
Another possibility is that your ISP is peering or terminating traffic in New York, so to Roon it appears that the login is coming from there. I have a number of services believe I am in Chicago and I am nowhere near it, it’s just where my internet interconnection terminates to that service.
Craig, I’m not sure how to definitively test this. I work in telecommunications and have worked with all the major telecom providers and know many of the facilities where they terminate (e.g., my mobile and fiber connections both terminate in Chicago as I noted above, and I am served a lot of local Chicago area ads on my phone and laptop web browser vs. other locations).
Are you still having the issue? It seems as though the VPN may terminate in New York.
Does this email warning occur only when you sign in? I use some secure settings on my web browser and need to log into the forum daily. I received a similar email every time I log in. If this is consistent with when you log into Roon or the forum, then it’s probably nothing to worry about.
The VPN has been turned off for a couple weeks now. I’m still getting the attempted login alerts. The last message was Wednesday stating that a login attempt was made in Charlotte, North Carolina, USA. I don’t live there.
I believe it’s capturing the forum and Core logins. My guess is your ISP is terminating in Charlotte which is a large peering and interconnection point on the internet for a number of major service providers.