CGNAT local/remote access

Kirdnehnroh · December 10, 2020, 8:33am

Let’s face the facts my ISP changed the network and I am sitting behind a cgnat now.

Current settings:
Router with external IP: 10.x.x.x
Devices with “external” IP: 2.x.x.x
I own a domain plex.example.com which points to the 10.x.x.x ip with port forwarding which lets me access the plex web app remotely and locally.

If I start a stream on a Fire Stick it is considered as remote access and only works with the Plex Relay activated. If I deactivate the Plex Relay I cannot connect anymore.
However if I access the Plex Web app from the local network I can stream and is considered as a local stream.

How can I change the setup especially the network setup to ensure streams on the same wifi are considered as local (on Fire Sticks, Smartphones, Laptops) and that I can connect through plex.example.com remotely?!

Thanks for any information. My ISP does not offer paying for a static IPv4 address.

certuna · December 10, 2020, 8:37am

Do you have IPv6 (this is usually the reason ISPs put people behind CG-NAT)? You can (manually) configure Plex to serve over IPv6 instead, so then you can still have remote access. Create an AAAA record for plex.example.com pointing to the stable IPv6 address of your server and that should point clients to the right direction again, regardless of whether they’re inside or outside the LAN. (of course, if you have a firewall on your router blocking port 32400, then you have to open that first).

For the local streams, go to PMS, Settings, Network:

turn on Local Network Discovery (GDM), this makes Plex broadcast itself over the LAN for every Plex client to pick up
under LAN Networks: set your local internal network, for example 192.168.1.1/24 if your LAN devices all have 192.168.1.*, this makes Plex treat clients with those addresses as LAN clients in terms of bandwidth restrictions, etc.

Kirdnehnroh · December 11, 2020, 12:17pm

Thanks for the reply.

No, I am connected through the mobile network. I do not have an IPv6 address.

I (re-)activated the GDM option and added the address as suggested. My Fire TV Sticks are using now the LAN connection. For no reason one is using a secure connection the other is not able to establish a connection if secure is forced but at least an unsecure connection is possible.

For streaming with Alexa I probably still need the Plex Relay but I will play around a little further with the settings. Thanks a lot.

frederick.grayson · December 11, 2020, 4:31pm

I do not see how this is possible. 10.0.0.0/8 is a private IP network and is not routable over the internet.

certuna · December 11, 2020, 7:48pm

Indeed, in this case plex.example.com would only work for clients on the LAN, not outside of it.

I (re-)activated the GDM option and added the address as suggested. My Fire TV Sticks are using now the LAN connection.

That’s great! You won’t get secure connections that way, yes - since you’re not using DNS on the LAN.

system · March 11, 2021, 7:49pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Best practices to run Plex PMS behind a CGNAT? Since it even causes issues with local streaming General Discussions	4	284	March 31, 2023
CG-NAT Blocks IPv4 Remote Streaming. I want to enable exclusive remote streaming over IPv6 Remote Access server-windows , networking	8	206	August 1, 2025
No Remote Access - IPv4 CGNAT with Native IPv6 Desktops & Laptops server-linux	8	2387	January 2, 2019
Not available from outside with IPv6 & IPv4 CGNAT Desktops & Laptops server-windows	1	135	February 18, 2022
Help with Plex Server behind CGNAT? Remote Access server-windows , server-linux , plex-web , plexamp	2	182	October 20, 2025

CGNAT local/remote access

Related topics