diff --git a/config.py.example b/config.py.example
index f2fbb81e4fe54af4e89c78e5ba3aedd984f169b3..bbbed17acd8d288f28ef84c2ac9d772d13ed376f 100644
--- a/config.py.example
+++ b/config.py.example
@@ -30,6 +30,7 @@ LDAP_GROUPS = ['fachschaft']
 ERROR_PAGE = 'static/500.html'
 RWTH_IP_RANGES = ['134.130.0.0/16', '137.226.0.0/16', '134.61.0.0/16', '192.35.229.0/24', '2a00:8a60::/32']
 FSMPI_IP_RANGES = ['137.226.35.192/29', '137.226.75.0/27', '137.226.127.32/27', '137.226.231.192/26', '134.130.102.0/26', '127.0.0.1/32']
+INTERNAL_IP_RANGES = ['127.0.0.0/8', '192.168.155.0/24', 'fd78:4d90:6fe4::/48']
 DISABLE_SCHEDULER = False
 #MAIL_SERVER = 'mail.fsmpi.rwth-aachen.de'
 MAIL_FROM = 'Video AG-Website <videoag-it@lists.fsmpi.rwth-aachen.de>'
diff --git a/db_schema.sql b/db_schema.sql
index 67e27877972aede0c3055bf21dcc65753883ffba..0feb9cacead2660fc581001bac80a73d57434886 100644
--- a/db_schema.sql
+++ b/db_schema.sql
@@ -187,6 +187,7 @@ CREATE TABLE IF NOT EXISTS `live_sources` (
   `description` text NOT NULL DEFAULT '',
   `options` text NOT NULL DEFAULT '',
   `server` varchar(32),
+  `server_public` varchar(32),
   `clientid` INTEGER,
   `last_active` datetime,
   `time_created` datetime NOT NULL,
diff --git a/livestreams.py b/livestreams.py
index 1146185635ff7fad37d23c787e6b98b008cf4171..52b8f0c7fe4be15e0614eb5924bc44d104819a21 100644
--- a/livestreams.py
+++ b/livestreams.py
@@ -125,7 +125,7 @@ def streamauth(server):
 		sources = query('SELECT * FROM live_sources WHERE NOT deleted AND `key` = ?', request.values['name'])
 		if not sources:
 			return 'Not found', 404
-		modify('UPDATE live_sources SET server = ?, clientid = ?, last_active = ?, preview_key = ? WHERE id = ?', server, request.values['clientid'], datetime.now(), gentoken(), sources[0]['id'])
+		modify('UPDATE live_sources SET server = ?, server_public = ?, clientid = ?, last_active = ?, preview_key = ? WHERE id = ?', server, request.args.get('public_ip', server), request.values['clientid'], datetime.now(), gentoken(), sources[0]['id'])
 		ret = Response('Redirect', 301, {'Location': '%i'%sources[0]['id']})
 		ret.autocorrect_location_header = False
 		return ret
@@ -133,9 +133,12 @@ def streamauth(server):
 		source = (query('SELECT * FROM live_sources WHERE NOT deleted AND id = ?', request.values['name']) or [None])[0]
 		if not source:
 			return 'Not found', 404
-		if source['preview_key'] != request.values.get('preview_key'):
-			return 'Forbidden', 403
-		return 'Ok', 200
+		for net in config.get('INTERNAL_IP_RANGES', []):
+			if ip_address(request.values['addr']) in ip_network(net):
+				return 'Ok', 200
+		if source['preview_key'] == request.values.get('preview_key'):
+			return 'Ok', 200
+		return 'Forbidden', 403
 	elif request.values['call'] == 'publish_done':
 		modify('UPDATE live_sources SET server = NULL, clientid = NULL, preview_key = NULL WHERE server = ? AND clientid = ?', server, request.values['clientid'])
 		return 'Ok', 200
diff --git a/templates/streaming.html b/templates/streaming.html
index 6a385d040c50dc9758ee4a1c494838841cfe914d..647f92f6df5697d3c0c8d5fdcf1a7d51ee1406a8 100644
--- a/templates/streaming.html
+++ b/templates/streaming.html
@@ -32,7 +32,7 @@
 					</ul>
 					<ul class="list-unstyled col-sm-3 col-xs-12">
 					{% if source.clientid %}
-						<li><a href="rtmp://{{ source.server }}/src/{{ source.id }}?preview_key={{ source.preview_key }}">rtmp://{{ source.server }}/src/{{ source.id }}</a></li>
+						<li><a href="rtmp://{{ source.server_public }}/src/{{ source.id }}?preview_key={{ source.preview_key }}">rtmp://{{ source.server_public }}/src/{{ source.id }}</a></li>
 						{% if source.stat and source.video and source.audio %}
 						<li>Quelladresse: {{ source.stat.address }}</li>
 						<li>Framedrops: {{ source.stat.dropped }}</li>