Cannot access server remotely... due to verizon fios DNS?

hello plex experts. i’m having a heck of a time trying to figure out a connectivity problem…
this kind of feels like a verizon issue, but i am hoping someone else has run into this before.

my plex server (linux, just updated to latest earlier today) is working great on my local network.
it also works great on my phone when not using wifi (remotely) and from some friend accounts.
the trouble i am having is at my parents house. when i log in to plex.tv from my parents computer, i get an error that the connection to the server is not secure. “unable to connect to XYZ securely”.
reading this - https://support.plex.tv/articles/206225077-how-to-use-secure-server-connections/ led me to the section about DNS, so i tried changing that.
changing the DNS settings on the windows PC to use 8.8.8.8/8.8.4.4. flush dns cache, and boom! it works!
but i don’t want to have to make this change on every device (this PC, multiple phones, and multiple rokus). I tried changing the DNS settings on the verizon router, the steps are outlined here - https://www.howtogeek.com/howto/38869/how-to-setup-your-verizon-fios-router-with-opendns-or-google-dns/.
and… it doesn’t work anymore? why would it stop working if the DNS request is going through the router, even if it is going to the same destination?

doing an nslookup with each configuration doing a lookup of plex.tv yields the same set of 3 ip addresses. it sounds like there is some kind of DNS proxy thing going on with the router??? how can i tell?

i mean, i guess i shouldn’t be opposed to changing DNS on each device (hoping its possible on all of these devices), i would just prefer to have a single place where this is set for simplicity.
any help would be greatly appreciated!

May I see the log files please (full set) either as tar.gz or the ZIP ?

logs from the server? or logs from the client (chrome)?
do you have a link to outline how to collect & send them here? sorry, probably a dumb question ha

Server logs. Please check your DM

sent you logs via DM.
been trying different combinations of DNS settings.
it seems to be really hit and miss… i currently have the router configured for primary DNS = openDNS, secondary = google DNS.
edit: and PC is getting DNS from DHCP, getting the router as the DNS server.
flush dns cache on the PC, reload the page. still getting the error that the connection is not secure.
flush dns cache again, reload again, and the page shows the error for a fraction of a second and seems to reload and it is working just fine!
but then i reload the page, and its not working again!
so i’m more confused than before ha

Thanks. I am looking at them now.

Something is wrong, I believe, with how it’s connected.

1. There is a 108.x.x.x address connecting to plex.direct. This is incorrect. 108.x.x.x is a public WAN address not a LAN address.
2. I see 192.168.0.4 appearing as the WAN IP for one of your gateway devices.

Is this correct ?

Do you have two routers; one connected to another in a chain?

108.x.x.x is likely the public ip of my home (where the plex server is located). edit: just to be clear, my public IP is 108.x.x.x. i’m sure the one you are seeing is my public ip.
192.168.0.4 is the plex server’s local IP.

up until about a month ago, i had two routers chained together at home.
plex – router A – router B – ISP
is now
plex – router A – ISP
the IP of the plex server did not change.
network A is 192.168.0.x, network B was 192.168.1.x.

what is “plex.direct”?
edit2: it is very possible that this problem presented itself when i made the network change to remove router B from the equation, but i did not notice the issue occur until just now. though i am fairly certain that i was able to successfully use Plex from my parents house (on a Roku) during that time. maybe i just got lucky…

edit3: by the way, the public IP from my parents house where i am having the connection issues is 98.x.x.x.

In simple terms:

1. plex.direct is a private domain used by PMS (the server) . It passes around player names and the internal DNS server resolves to IP

2. I see plenty of activity from a 98.1xx.xxx.xxx address This is telling me that, If I understand correctly, they are going out -> Internet -> you. Right?

2. that is correct - 98.1xx.xxx.xxx would be the public IP where i am trying to connect from.

There is connection and data flow in these logs

Feb 15, 2020 20:08:14.704 [0x7fb81d3af700] DEBUG - Transcoder segment range: 96 - 114 (113)
Feb 15, 2020 20:08:14.738 [0x7fb7ea7fc700] DEBUG - Transcoder segment range: 96 - 114 (114)
Feb 15, 2020 20:08:14.738 [0x7fb7b67fc700] DEBUG - Transcoder segment range: 96 - 115 (114)
Feb 15, 2020 20:08:14.766 [0x7fb7b57fa700] DEBUG - Transcoder segment range: 96 - 115 (115)
Feb 15, 2020 20:08:14.766 [0x7fb7b5ffb700] DEBUG - Transcoder segment range: 96 - 116 (115)
Feb 15, 2020 20:08:14.773 [0x7fb81d3af700] DEBUG - [Transcoder] Throttle - Going into sloth mode.
Feb 15, 2020 20:08:15.719 [0x7fb81e3b1700] DEBUG - Completed: [17xxxxxxxxxx:2108] 200 GET /video/:/transcode/universal/session/sq4x9zhca49c3ikd0m8sirsf/base/00096.ts (13 live) TLS 1493ms 1741632 bytes (pipelined: 1)
Feb 15, 2020 20:08:15.719 [0x7fb81e3b1700] DEBUG - Removed transcode data consumer, active count 1 => 0
Feb 15, 2020 20:08:15.917 [0x7fb7b5ffb700] DEBUG - Request: [17xxxxxxxxxx]:2108 (WAN)] GET /video/:/transcode/universal/session/sq4x9zhca49c3ikd0m8sirsf/base/00097.ts (12 live) TLS Signed-in
Feb 15, 2020 20:08:15.917 [0x7fb7b5ffb700] DEBUG - Asked for segment 97 from session.
Feb 15, 2020 20:08:15.917 [0x7fb7b5ffb700] DEBUG - Returning segment 97 from session
Feb 15, 2020 20:08:15.917 [0x7fb7b5ffb700] DEBUG - Content-Length of /hdd/Plex/Plex Media Server/Cache/Transcode/Sessions/plex-transcode-sq4x9zhca49c3ikd0m8sirsf-ee54f9ea-a8c9-4877-b40e-8667dd35395d/media-00097.ts is 2381396 (of total: 2381396).
Feb 15, 2020 20:08:15.919 [0x7fb81ebb2700] DEBUG - WebSocket: client initiated close
Feb 15, 2020 20:08:15.919 [0x7fb81e3b1700] DEBUG - handleStreamRead code 335544539: short read
Feb 15, 2020 20:08:15.919 [0x7fb81e3b1700] DEBUG - NotificationStream: Removing because of error
Feb 15, 2020 20:08:15.920 [0x7fb81e3b1700] DEBUG - Completed after connection close: [192.168.0.138:36978] -3 GET /:/websockets/notifications (12 live) TLS GZIP 182441ms 17501 bytes
Feb 15, 2020 20:08:17.161 [0x7fb81ebb2700] DEBUG - Completed: [17xxxxxxxxx:2108] 200 GET /video/:/transcode/universal/session/sq4x9zhca49c3ikd0m8sirsf/base/00097.ts (10 live) TLS 1244ms 2381396 bytes (pipelined: 2)
Feb 15, 2020 20:08:17.161 [0x7fb81ebb2700] DEBUG - Removed transcode data consumer, active count 1 => 0
Feb 15, 2020 20:08:17.327 [0x7fb81ebb2700] DEBUG - Auth: authenticated user 1 as RogerPodacter
Feb 15, 2020 20:08:17.327 [0x7fb7b67fc700] DEBUG - Request: [17xxxxxxxxx:2111 (WAN)] GET /:/timeline?ratingKey=10493&key=%2Flibrary%2Fmetadata%2F10493&playbackTime=516&playQueueItemID=11232&state=playing&hasMDE=1&time=972000&duration=1435000 (10 live) TLS GZIP Signed-in Token (RogerPodacter)
Feb 15, 2020 20:08:17.328 [0x7fb7b67fc700] DEBUG - Client [kcmiykjinmkdd7p2k0xi8tjk] reporting timeline state playing, progress of 972000/1435000ms for guid=, playbackTime=516ms ratingKey=10493 url=, key=/library/metadata/10493, containerKey=, metadataId=10493, source=

This, however, bothers me.

Feb 15, 2020 20:30:01.216 [0x7fb80cbd7700] DEBUG - [PlexRelay] Transferred: sent 10336, received 5764 bytes, in 324.4 seconds

Plex Pass users get 2 Mbps when indirect. This is even slower than that.

Something is on a bad/marginal connection. Overburdened / nearly out of range of WiFi ?

this PC is on wifi, and the signal strength is not great. i’m also remotely connected to it (via teamviewer), so that might be eating up some of the bandwidth.

the problem is not isolated to just this PC, we had the same problem from iPhone & Roku clients, but they are also on wifi. They are closer to the wifi router, so they should have a stronger signal.

I am able to view the library and stream a video on some tests. but when things don’t work, i am not able to view the library, let alone stream anything. i’m sure there would be more bandwidth when I am able to test locally there (without teamviewer), which i am planning on doing tomorrow.

I’m going to offer my general statement: A server on WiFi is not a good situation to be in if at all avoidable.

1. The server’s reliability is dependent on its WiFi signal strength.
2. Everything on the WiFi suffers if the server is streaming , even if streaming remote.

Can you get the server on a wired connection (you might need to relocate it)?

oh, sorry. i misunderstood before.
the server (at my home) is wired directly to my home router.

the client (PC at my parents house) is the one on wifi.

Let’s construct a very controlled test case. There are a lot of variables in flight here and I’m on the verge of being contotally fused

Restart your server
With all other activity stopped.
Using only a player on their network,
Start playback from your server.

Let’s establish what is happening.

sure, i will run the test you described. will likely be later today or tomorrow.

Take your time. Accuracy is more important than expediency

just to keep you in the loop with all of my testing, the other night, i tried logging out on the server and claiming the server again. had some issues getting back to the page to claim it, found some forums posted a reclaimit script that another plex user posted. was able to reclaim it with that.

ok, made the trip to my parents house to test locally. i’m getting some…unexpected results.

• Parents PC set to use Google DNS, on Wifi, decent signal quality. I am now getting the same error that i was getting before, so i’m thinking this doesn’t have anything to do with the DNS…
• i brought my chromebook with me, i use this at home for plex often. Connected to the wifi. i see the same error as before. as i’m sitting here thinking, it seems to refresh, and is suddenly securely connected. i was able to watch ~30 sec of an episode of The IT Crowd that was on deck.
  [following steps done on the chromebook, no special DNS settings in use]
• getting to the server settings has been a bit of an unexpected pain. go to https://app.plex.tv/desktop, click on the settings button. go into server general settings. see settings there. go to troubleshooting. see the page. click on the download logs button, and i get an error that the page is unavailable (!?) as in, a 404 error.
• reload the page, and now i cannot access the server settings anymore, i get the ‘cannot access securely’ error.
• reload again, and it seems to be working… was able to download logs. i’ll PM them to you.
• as i’m typing this out, i left the Plex tabs open. the tab that was playing the episode successfully seemed to do some kind of refresh and is now saying “cannot access securely”
• i attached a screenshot of the error i am seeing, just for clarity. you can see the libraries on the left are grayed out, and have a (!) symbol on them. clicking on the library brings you to the page that says ‘unable to connect to [server] securely’
• Edit: super weird! i left my parents PC on with a tab open to Plex during all of my testing on the chromebook. it was sitting at the same error page (unable to connect securely). BUT, each time i refresh the page on my chromebook, i would see the page refresh on the PC. initially, i’m just seeing a flash of my library contents and then it goes back to the error page. but, after a few times of this, it successfully opened my library. it was open to the ‘movies’ library, and i can suddenly see all of my movies. when i clicked on the TV Shows library (wanted to play the same video as before), i get a different error page “There was an unexpected error loading this library. Please visit our forums if you continue to experience problems”. not sure if this is relevant, but i figured id just give you as much info as i got.
• edit 2: doesn’t seem to be related to wifi signal strength. tried it again standing ~3ft from the router, chromebook says signal strength is strong. and still seeing the issue.

So, @ChuckPa helped me get to the bottom of this in a number of DMs. i’ll summarize here so anyone else can find it later, if it is of any use to others.

• so the DNS settings turned out to be nothing. eventually found that things were failing with any combination of DNS settings, so this was just a distraction.
• i figured i’d try to access my home plex server directly, without going through plex.tv. just to see what happens.
  **type in http://mypublicip:32400 into address bar of internet browser. it works just fine, brings me to the main page of plex server, though chrome complains that the connection is not secure. so, it works, but this isn’t how this is supposed to work.
  ** from the web client debug logs, it said it was connecting to https://dashed-ip.hash.plex.direct:32400/media/providers.
  so, i try to connect to this from chrome, without the /media/providers portion. get a site not found error… wierd. nslookup of dashed-ip.hash.plex.direct returns the proper public IP, so its curious this did not work.
  ** next, try https://dashed-ip.hash.plex.direct (without the 32400 port) … and look at this…

wtf is this???

turns out, this is something called McAfee Home Network Protection. Some kind of BS security thing you can turn on that “protects” your network. there is something in there that it finds plex to be malicious and blocks it.
clicking the ‘continue to site’ button allows it through (though this is not a valid URL, so it leads to a 404). BUT, the rest of Plex now works correctly… it seems like it was added to a whitelist or something like that.

i wasn’t sure if this would be permanent or not, so i looked into disabling this thing entirely. It seems this is only done via the My Fios app from Verizon. Which is weird, because my parents didn’t have this app installed, so i’m not sure how this ‘feature’ got turned on in the first place.
the search led me here:

there are lots of posts about this being finicky to disable. but, following these instructions, i was able to get it disabled.
“into the My Fios app and go back to Account & Settings> Security Settings> Home Network Protection. It is normal to see the spinner for a few seconds. Click the toggle & then ok the message. Now HNP should be turned off.”

Plex is now working great on all devices at my parents house!

thanks again to @ChuckPa for helping me track this down!

Thank you for taking the time to hunt this down. I’m sure a lot of FIOS users will be glad to know this is a secondary layer of “stuff” added which can be safely disregarded.

Chuck, is there a place that solutions like this could be pinned and searched, making it easier to locate for the next time.