Server Version#: 1.25.5.5492
Player Version#: 4.69.1
I’m trying to setup remote access with mixed results.
Remote access tab will test connection after a while it will go green stating I have access outside my network then quickly turn red changing its mind. It does note my public IP as the IP for my VPN used by other services on my server. Is there a way to direct Plex traffic to not go through the VPN in UFW?
current UFW setup:
To Action From
Anywhere on tun0 ALLOW Anywhere
Anywhere on enp3s0 ALLOW 192.168.0.0/24
Anywhere on enp3s0 ALLOW X.X.X.X 1194/udp
plexmediaserver on enp3s0 ALLOW Anywhere
Anywhere ALLOW OUT Anywhere on tun0
192.168.0.0/24 ALLOW OUT Anywhere on enp3s0
X.X.X.X 1194/udp ALLOW OUT Anywhere on enp3s0
On both Local and Remote connections, using HTTPS results in an unsecure connection due to invalid certificate. Locally it will still operate but when I can get remote connection I get the error “app.plex.tv is unable to connect securely”
I can’t help too much with advanced networking but I can tell you that when the test first turns green and then red it was never working to begin with. It will always turn green first while it’s checking for some dumb reason. So your port is not being forwarded.
I had a big headache when I switched providers. I didn’t realize it was a CGNAT provider, meaning it was impossible to forward ports. I had to use a VPN and forward the port through using that.
If your issue is with the VPN or you don’t want Plex to run through the VPN, you need to configure an exception in the VPN.
Those firewall rules basically establish what’ communication is allowed/blocked – this isn’t specifying which IPs/connections your VPN or Plex are going to use (it’s just not blocking them).
#2 appears to be linked to the VPN setup.
Let’s retry this after you established the exception for Plex in your VPN.
I’m currently struggling to reconfigure my connection so only only processes owned by deluge are routed to tun0, allowing all other traffic to use enp3s0. But, running it as user other then the primary user causes errors in the webui.
Anyways, I’ve also disabled deluged, add acceptations to UFW for 32400 on enp3s0, then disabled UFW, and still no luck. More reading has pointed me to the Kernel IP routing Table which makes more sense. When it comes to anything beyond basic networking I’m still learning. Right now I’m more focused on getting remote access for PLEX working then I’ll figure out deluge.
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.8.1.1 128.0.0.0 UG 0 0 0 tun0
default 192.168.0.1 0.0.0.0 UG 202 0 0 enp3s0
10.8.1.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0
x.x.x.x 192.168.0.1 255.255.255.255 UGH 0 0 0 enp3s0
128.0.0.0 10.8.1.1 128.0.0.0 UG 0 0 0 tun0
192.168.0.0 0.0.0.0 255.255.255.0 U 202 0 0 enp3s0
Stop deluged and openVPN serivces, leaving UFW running. Ping google.com fails, from VPN killswitch in UFW
Turns off UFW. successfully pings google, so the VPN killswitch is disabled. #success could watch PLEX on my phone via 5G
*Now if I start ether openVPN or UFW, PLEX dies.
I’ve tried rearranging my UFW rules tell it to allow 32400 and PLEXmediaserver rule on enp3s0 first, this initially broke all networking minus SSH (thankfully). I’ve reordered it to the following it will still work as a kill switch but wont let PLEX outside the local network.
Anywhere on enp3s0 ALLOW 192.168.0.0/24
plexmediaserver on enp3s0 ALLOW Anywhere
32400/tcp on enp3s0 ALLOW Anywhere
Anywhere on tun0 ALLOW Anywhere
32400/tcp on tun0 DENY Anywhere
Anywhere on enp3s0 ALLOW x.x.x.x 1194/udp
32400/tcp ALLOW OUT Anywhere on enp3s0
32400/tcp DENY OUT Anywhere on tun0
Anywhere ALLOW OUT Anywhere on tun0
192.168.0.0/24 ALLOW OUT Anywhere on enp3s0
