for Roon Arc - advanced (and more secure) configuration:
Punching holes in the router firewall, while one option, is not always available or preferred. I would like the ability to configure Arc in the settings to give a domain alias for Arc to communicate with, for example: myarc.mycooldomain.net (obviously, its on me to configure this dns for this cname example)
Internally, I can configure the firewall to proxy this address to my internal RoonCore at any port you require (say 192.168.2.20:55000 etc)
while this is a very advanced feature request, its actually quite easy to setup on your end (in the software) - a flag for advanced config and a text field for the FQDN vs the hardcoded IP:Port…
thoughts?
for Roon App -
basically, the same option, to be able to enter an alias address (myroon.mylocal or myroon.mycooldomain.com) as an advanced feature vs it storing the scanned IP address.
edit: the request for this on the main app too is due to the way the app attempts to use the running vpn on the iphone to connect to the core - having a cname configured will prevent this failure to connect)- what is interesting is: most (not all) ios apps are still able to talk to local devices while a vpn is running on the phone, but RoonApp cannot [once connected to the core, the vpn can be re-enabled, strangley]
Thank you, but I think the Roon app is doing something different when doing the initial connection. Once I start the roon app I can then start the vpn and Roon GUI still works great… All other apps on the phone can do local network communication while the VPN is already on (split Tunnel)… Hence my request for the ability to cname/alias the location of my Core so that I can control dns…
Any discussion on allowing a cname configuration or a proxy configuration (think cloudflare, which, I bet RoonLabs is using themselves) so the end user does not have to punch a port hole in their firewall?
I’d be keen for a feature like this too. You could even simply have a url setting in the ARC phone app that allows a url, then run cloudflared on the Roon core, and configure what you need on the CF Zero Trust platform.
I open and close that stupid port on my firewall when i want to use ARC-- its such amateur hour by Roon to not allow this to be configurable ( as in, let us use port 443 and i can reverse proxy to exactly where i want the data to flow to roon’s internal port and this allows me to deal with the traffic the way i want to on my network) – honestly, if feels like the '90s are calling with this god-awful locked port setup… (I thought about a double reverse proxy so my ha-proxy can monitor the traffic - too lazy to implement now)
@support - take a page from PLEX SERVER – see how noobs can use the base config and advanced users can roll their own ssl/dns/cname/domains onto their network… maybe the new owner will fix this silly design…