Remote Access with DD-WRT OpenVPN Client

I've given your recommendation a try. It turned my Remote Access section in PMS from the red X to the green check. I got pretty excited, but from there when I tested it on a device (iPhone app) it would not connect.... 

Any other ideas?

Plex routes itself outside of the 'regular' network interface since you cannot specify a 'specific' interface.  In the case of DD-WRT/Tomato firmwares, when you are running an OpenVPN client, you will need to route the specific IP addresses of Plex around your assigned IP from PIA...

For our needs, 'Plex' resides in these IP #'s...

https://forums.aws.amazon.com/ann.jspa?annID=1701

I have never had an address outside of here...

184.169.128.0/17
50.18.0.0/16
54.241.0.0/16
184.72.0.0/18
52.0.0.0/8
54.0.0.0/8

Now the good stuff... You can try this script in either the WanUp or Firewall portion of your router admin tabs...


EDIT: I would use this updated script instead of the one listed below... It includes DNS based resolution of the excluded sites...


https://forums.plex.tv/discussion/comment/1156066/#Comment_1156066


# This code goes in the FIREWALL section of the Tomato GUI.
# Make sure we leave enough time to enact our WAN and VPN routes
sleep 30
# Disable reverse path filtering as well, otherwise anything involving replies to remote access client won't work.
for i in /proc/sys/net/ipv4/conf/*/rp_filter ; do
  echo 0 > "$i"
done
# Delete table 100 and flush any existing rules if they exist.
ip route flush table 100
ip route del default table 100
ip rule del fwmark 1 table 100
ip route flush cache
iptables -t mangle -F PREROUTING
# Create the new Table 100 NOTE: Here I assume the OpenVPN tunnel is named "tun11".
ip route show table main | grep -Ev ^default | grep -Ev tun11 \
| while read -r ROUTE ; do
  # $ROUTE is left unquoted on purpose so it splits into separate arguments
  ip route add table 100 $ROUTE
done
ip route add default table 100 via $(nvram get wan_gateway)
ip rule add fwmark 1 table 100
ip route flush cache
# OUTPUT for Admin page of router (Set port for your setting)
iptables -t mangle -A OUTPUT -p tcp -m multiport --sport 8080 -j MARK --set-mark 1
# Port based bypassing for specified internal IP
iptables -t mangle -A PREROUTING -i br0 -s 192.168.3.100 -p tcp -m multiport --sport 32400 -j MARK --set-mark 1
# Bypass Plex/AWS IP DESTINATION
iptables -t mangle -A PREROUTING -i br0 -d 184.169.128.0/17 -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i br0 -d 50.18.0.0/16 -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i br0 -d 54.241.0.0/16 -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i br0 -d 184.72.0.0/18 -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i br0 -d 52.0.0.0/8 -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i br0 -d 54.0.0.0/8 -j MARK --set-mark 1
#Bypass CanYouSeeMe.org
iptables -t mangle -A PREROUTING -i br0 -m iprange --dst-range 107.20.89.142 -j MARK --set-mark 1
#Bypass LAN IP Computers/Systems
#iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 192.168.3.112 -j MARK --set-mark 1

In short, you can add a variety of route changes through this script.  As posted, it will route everything through your OpenVPN client (PIA) and then you must specify routes outside of that.  In my case, I routed Plex and CanYouSeeMe outside of the VPN.  I also specifically routed ports (top section) for Plex to my server.
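An audit of the destination bypass list from the script above, added here as an example (it is not part of the original post): it shows how much address space the `-d` rules send out the WAN gateway instead of the tunnel, and which entries are already covered by a wider one. It is meant to run on a workstation with Python 3.7+ rather than on the router; the function names and the sample destinations are assumptions made for illustration.

```python
import ipaddress

# Destination CIDRs copied from the "Bypass Plex/AWS IP DESTINATION" rules in the post.
BYPASS_CIDRS = [
    "184.169.128.0/17",
    "50.18.0.0/16",
    "54.241.0.0/16",
    "184.72.0.0/18",
    "52.0.0.0/8",
    "54.0.0.0/8",
]


def audit_bypass(cidrs):
    """Return (collapsed networks, redundant entries, total bypassed addresses)."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    # Merge overlapping/adjacent entries into the effective bypass set.
    collapsed = list(ipaddress.collapse_addresses(nets))
    # An entry is redundant when a different, wider entry already contains it.
    redundant = [
        str(n) for n in nets
        if any(n != other and n.subnet_of(other) for other in nets)
    ]
    total = sum(n.num_addresses for n in collapsed)
    return collapsed, redundant, total


def bypasses_vpn(dest, cidrs=BYPASS_CIDRS):
    """True if LAN traffic to dest matches a -d rule, gets fwmark 1 and uses table 100."""
    addr = ipaddress.ip_address(dest)
    return any(addr in ipaddress.ip_network(c) for c in cidrs)


if __name__ == "__main__":
    collapsed, redundant, total = audit_bypass(BYPASS_CIDRS)
    print("effective bypass set:", ", ".join(str(n) for n in collapsed))
    print("redundant entries:   ", redundant)
    print("addresses outside the tunnel: %d" % total)
    # Constructed sample destinations (not taken from the post).
    for dest in ("54.241.10.20", "52.95.1.1", "8.8.8.8"):
        print(dest, "-> WAN (bypass)" if bypasses_vpn(dest) else "-> VPN")
```

Every LAN client's traffic to any host in the effective set leaves unencrypted via the WAN, whether or not that host has anything to do with Plex, so the two /8 entries are the ones to narrow first.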