Some help required for a silly question.
i am new in using plex server, and I am struggling to understand it’s working.
what I want to achieve is that users on a local server can login without being forwarded
to plex.tv for logging in. This is frustrating, it doen’t work.
allowed without auth
I went to the network tab in settings to find
“Authentication for local network access”
whatever I do, No other laptop or device here in the LAN can
go to the plex server’s ip and see the home list of movies,
without being forwarded to https://app.plex.tv/auth and logging in on a created account.
In all tutorials and support I could find, it seems so easy.
It is not needed that users must login on an external site, where the
actual server is here running on the LAN. What is it I don’t see?
Thanks for any help.
update: Even when I try it on the server (localhost) it doesn’t work, I got the
api linked forward to app.plex.t to login…
ps; ‘remote settings’ is off. I don’t need this to allow local users right?
Hi por47,
I get the trouble, I had some similar problem as well when I set things up, but that was long ago now, so I don’t remember the details anymore. So your list looks something like this:
A thing I only recently found out on another device and software was that the variable part of the ip (fix.fix.fix.var in this case) had to be set to zeroes because it would cause some unpredictable issues where something like uplink works but downlink just didn’t, without logging any errors of course.
Though to make this clear, that was not Plex, that was a router (fritz.box), just that you might want to send me a screenshot of your settings so I may find some miniscule details indicating the problem.
And while you’re at it, you can also send the log files.
I use a fritz box to. so what a coincidence.
I appreciate it much you reply and help. With
local configuration details about ip addresses I am a bit careful
on the internet, however.
I will use a dummy ip range.
127.0.0.1,192.178.178.1/24.
What part of the settings you need? there are many tabs in the settings menu.
ps, the last interface belongs to a VPN connection. For now please ignore it.
I want to have it working locally first.
About log files, I need to find them first and the log file path.. I guess, I could use a tail command
on the files in /var/log
update:
I found an option to download the logs in a zip file in the extra menu in the application gui. Handy. I checked them quickly, but they are exposing many ip addresses on the local network here. Putting them on this forum would be unsafe i think. Is there a keyword in the logs I can search on and share only these details?
.
and remove everthing else.
Localhost (the 127.0.0.1) shouldn’t be necessary and 10.10.0.0/32 doesn’t seem right. /32 means no further IPs (all 32bits are fix) and any *.0 seems to not be used for any clients afaik, which is why your router, the very first device in your network, gets a *.1. And maybe Plex just refuses access from all IPs in the allowed fields if a single entry is off.
- most likely no. As in ‘it is safe’. Yes, it exposes IP addresses, but these are your local IP addresses. They are not accessible from outside and even if you enabled port forwarding (which I think you did when you say VPN), the public IP would still be required and should not be shown there. Only if your filenames or folders contain sensitive data (like the family names in clear text if you collect family videos) would I discourage sharing the logs.
Otherwise it’s pretty much routine to share logs publicly.
But try the steps in my prior message first, it’s not unlikely this fixes the issue. Only if it doesn’t you may share your logs
you can’t authenticate locally. User accounts only exist on plex.tv
remove the space character after the comma in that input field. Otherwise the whole field will be ignored.
If you put your whole local network in there, then nobody is forced to authenticate. If you’re unlucky, all clients will be treated as if they were logged in to your “admin” account.
Wow, guys thanks for all your replies, I am a bit confused now…
All-right. Super4jet, starting by your suggestion,
I deleted all interfaces and changed it to: 192.178.178.0/24
I saved the settings and tried top open a new browser (empty profile)
and opened the servers’ ip. Again I was forwarded to plex.tv
Now others claim that is the only possibility. But then why is there a
“List of IP addresses and networks that are allowed without auth” box at all?
…confused…
what I try to achieve is that people on the LAN can simply go to the server using a browser and they will see a home folder with movies instantly as a guest. no logging in when they are local. Like a media player.
Could I send you my logs as a private message? I take your word for it it is save, just I would feel better if my logs are not exposed for anyone to see.
All you can do is to provide a playback device of your own.
Activate the Guest account in Plex.
Log in on the client as yourself.
Activate “Automatic Logon” in the settings of the Plex app on that device.
Then “Switch User” to the Guest account.
Put a PIN on your own account, to prevent your guests from switching to your “Admin” profile.
Ok I see, maybe I didn’t ask the right question. Better forget about the “no logging” part.
I still don’t understand what the
“List of IP addresses and networks that are allowed without auth”
is for. I thought it could bypass local users directly to the video’s
What actually could i use it for then?
Is it like, the user creates an account on the forwarded plex api link, and after creation the user
will sign in automatically after the server sees it is a local ip user?
This is mainly for use by the administrator and for the case when Internet-connectivity is lost for longer periods, so no authentication is possible.
It makes sense to put the IP of the personal computer of the admin in there, as well as the IP of a jointly-used playback device (e.g. the TV in the living room).
However, as I pointed out above: all playback activity on these devices will be attributed to the admin user account.
And every user who uses these devices will be able to do what the server admin can do.
Depending on the client type, this can include deleting movies and changing fundamental server settings. So I’d use that very carefully and limit it to single devices only. Never to the whole local subnet.
In short: BYOD for using Plex as “house guest” doesn’t work.
I see now. I think I misunderstood the whole concept of PLEX server then.
I created a user account on another pc, logged in plex.
I see the right ip address as URL. But the new user can’t see the servers folder in ‘HOME’
it is only possible to share more content.
What do I need to do at the admin account to let the new user “see” what the server should be able to serve?
After the user has accepted the invitation,
(can be done on this page, under the button “Requests” / “Anfragen” https://app.plex.tv/desktop/#!/profile )
you are able to share some (or all) of your media with this user.
just typed in the ip and voila! Things are going great for me. And I just whitelisted my ip range.
Edit: yes, I just read a bit further and I assume that most people know who uses their LAN and that these people are not raiding the server, which makes this option good enough for these people. I also assume that when OP asked for general access without authorization he knows that they might do so - without authorization.
And it’s also merely the subnet, not the whole internet. FritzBox has fancy tech like a guest hotspot, securing the LAN from those mischievous people even more.
However, as I pointed out above: all playback activity on these devices will be attributed to the admin user account.
And every user who uses these devices will be able to do what the server admin can do.
Depending on the client type, this can include deleting movies and changing fundamental server settings. So I’d use that very carefully and limit it to single devices only. Never to the whole local subnet.
Fine, unlock your whole subnet. If you can stand unqualified or mischievous people messing up your server.
So I guess it’s up to you if you want to pursue the access without auth.
As OttoKerner rightfully said, ‘unlocking’ your LAN subnet might lead to all kinds of
A very real risk.
Unless you’ve taken appropiate precautions (like making sure only trusted devices can access your WiFi, e.g. with a password only people you trust know), I would also discourage no-auth-login.
Though remember, unless you allow 0.0.0.0/0 and port forward your Plex port, only LAN-devices will be able to access the server without further authorization. The IP is the authorization. And anyone who got approved by the router (receiving that IP) will also get approved by the Plex server, no questions asked. Yes/No it is… : )
