Server Version#: 4.47.3
Player Version#: 7.11 (iOS)
Hi!
Hi I have two problems but I think one of them can be ignored (Problem 1) but not sure if it is related to problem 2 which I need help with.
Problem 1:
My Plex server says Not available outside your network but I can see my media library and play the files when I access through my iOS app when I am on mobile data. I have disabled relay so I know that there is a direct connection. I have tested that the port is open (20001) which I use with reverse proxy on my synology (see below). I don’t understand why it says Not available outside your network when it actually seems to work? Am I missing something, can I ignore it or what could be wrong? I have made sure I don’t have double-NAT too. I think this problem can be ignored because I was told in a reddit post that this indicator is not that reliable.
Problem 2:
If you read below in my setup you will see that I use a reverse proxy where my source protocol is HTTPS and destination protocol is HTTP just as in the guide I am referring to below. However, if I start a stream on my iPhone and look at the server dashboard, the playback don’t have that padlock icon that indicates that this is a secure connection. I also checked in tatutulli that says “insecure connection” for the same playback. I want my stream to be secure but can’t figure out what it is. Not sure if this indication is false because I do have secured connection set to required. Any ideas?
Here is my setup and some additional info:
Plex running inside docker (docker-compose) with host as network mode. I use the official docker image
Docker runs on synology DS920+
I have disabled UPnP on my router
I have port forwarded port 20001 (not the real port but lets use it for this post)
I have setup DDNS according to this guide with lets encrypt certificate. Only difference I have compared to the guide is that I don’t have port 443, 80 forwarded. I removed this after I received the certificate.
Plex server version 4.47.3
I have followed this guide for remote access over https except I use port 20001 instead of 9005.
I have enabled firewall but the same problem is present with firewall disabled.
Under settings -> Remote access I have manually specify public port set to 20001.
Under settings -> network I have secure connection set to required.
I have generated my custom certificate and chosen a path for it, password etc according to to a guide I found in these forums but I cant post a link to it because I am a new user and only 2 links are allowed. I can post it in a reply if you need to see it.
One important thing worth mentioning is that I don’t have this problem at all when I go to settings -> network and disable secure connection…
Ok but since the reverse proxy is on the NAS and the plex media server is on the NAS, does it mean that it is https between the remote client and the NAS at least? So basically everything that is over the internet is secured? I tried to find a way to see if the playback was over https on the client but couldn’t.
Not sure what you mean by this but I am pretty sure that my client connects via the reverse proxy because the router forwards port 20001 internal and external and the only place I map 20001 to 32400 (docker plex) is at the reverse proxy. And I can access my media server this way and there is no other way so pretty sure this is going through the reverse proxy. Maybe I misunderstood what you meant?
Router forwards 20001 internal and external port to ip address of NAS. Then in the reverse proxy on my NAS I do the following:
I am pretty sure they are not in conflict because the second guide actually says that you have to do the first guide before doing the second one. The thing about the certificate is something I did because secure connection did not work without actually specifying a custom certificate.
I don’t have the best answer to this but I guess because it is nice to have everything that is exposed from the NAS in one place. I know I can just forward an external port on the router and map it to internal 32400. But yeah, I dont have the best answer for why exactly.
You mean basically just clear all these three fields on the server?
If I remove all this I can no longer access the media server through mobile data through my proxy.
You have an image on the reverse proxy, it is set to https? Or do you mean that the destination should be HTTPS?
I clear the three fields for custom certificate that I had a screenshot of above and instead added https://xxxxx.synology.me:20001 to the Custom server access URL. This made it possible to access the media server from mobile data but the dashboard still did not show it as a secure connection. Also it felt more laggy this way rather than not having anything in Custom server access URL and instead fill in the three fields from the above screenshot.
I hope I answered every part clearly The most important part for me is to actually find out wether to part that goes over the internet is actually secured.
Yes. If the reverse proxy only offers HTTPS (not HTTP) to clients, then Internet connections are secured.
Sounds good, looks good.
I was confused because you’ve got Secure connections = Required enabled in Plex.
So why is Plex responding to HTTP connections? I apologize - I forgot that it only blocks remote HTTP connections. It still allows local HTTP connections.
Because the reverse proxy is on the same box as Plex, those HTTP connections are still allowed.
If everything is working, the status on the Remote Access screen isn’t critical.
The most important part for me is to actually find out wether to part that goes over the internet is actually secured.