Server Version#: 1.23.1.4571
Player Version#: Up to date plexamp/plex apps
Without any software or hardware changes, plex and plexamp have stopped being able to reach my plex server when outside the lan.
Summary:
I am running the Plex server on a Synology NAS. The most up to date plex server available on the NAS is installed.
Green tick in ‘Remote access’ settings
The synology has two network interfaces. I have all traffic from eth0 directed through a VPN running on my router. I have set preferred network to eth1 in the ‘Preferred network interface’ setting. eth1 is not routed through the vpn.
I have a manual port forward setup (32400) on my router for the eth1 network address
If I look up my external IP address (e.g. from a ‘what is my IP’ website) and go to http://(external IP):32400 from a device outside the lan then my plex server can be accessed/content played. Conversely, when I go to https://app.plex.tv my server isn’t accessible.
Is it possible there is something going on behind the scenes related to http connections working externally, but not https connections?
The odd thing is this was all working, and only broke within the last two weeks. No software changes, hardware changes, ISP changes that I’m aware of.
Keep in mind that this setting is “preferred”. My guess is that PMS is reporting both ip’s back to plex.tv so when plexamp looks for your server, it’s using the one that points to eth0.
I’m not an expert on running a system with 2 ethernet connections so I can’t help there. My suggestion is disconnect eth0 so pms didn’t see it so won’t publish that address to plex.tv.
After updating to the latest plex server version manually ( no immediate change), toggling the ‘use secure connections’ option and restarting the server each time (no immediate change), and signing out of my account+ revoking access for all connected devices then signing back in, I did have about 24hrs of functional external access.
Unfortunately it’s stopped working this morning (I was about to say it was fixed here but thought I should check that was still the case).
Also I have since realised others are having very similar issues, so apologies if this thread is a duplicate (in some forums it’s considered poor form to hijack someone else’s thread, not sure about here).
My next step will be to try a NVIDIA shield-based server which will be free of the dual NIC setup.
Once again I appreciate the assistance, however I’ll note that external access to my music library via plexamp (awesome app by the way!) is the reason I bought a lifetime Plex pass. I really hope I can get it working again.
They show what PMS is reporting as double NAT (two routers).
Dec 06, 2021 08:59:59.621 [0x7fe3d1352b38] DEBUG - MyPlex: reachability check - current mapping state: 'Mapped - Not Published'.
Dec 06, 2021 08:59:59.621 [0x7fe3d1352b38] ERROR - MyPlex: mapping failed due to potential double NAT configuration
Dec 06, 2021 08:59:59.621 [0x7fe3d1352b38] DEBUG - MyPlex: mapping state set to 'Mapped - Not Published (Double NAT)'.
Do you have two routers ? Do you have the Synology configured to run on two different subnets ?
PMS has detected your external IP to be a 199.x.x.x value. Is this correct ?
My external IP is 144.x.x.x (as reported as the WAN IP in the router, and on a ‘what is my IP’ website from a second computer), not 199.x.x.x.
I only have the one router running one NAT service.
199.x.x.x is external IP of the eth0 VPN (confirmed from the vpn client running on the router).
So in my case the issue arises because I’m running a VPN server on the router, and plex is using eth0 even though I’ve told it eth1 is preferred (as traffic from eth1 doesn’t go through the VPN).
Although it would be nice if plex was forced to use the NIC indicated, I understand that isn’t how it works. I guess I will see if I can add an exception for plex on eth0 so it doesn’t go through the vpn.
Plex does not ‘bind’ to an adapter. Engineering and I went around and around on it. They can’t make it work the way we think.
In C, we use a bind() call on a socket and then specify the src.addr (source address)
That source address is the ethernet adapter we want the traffic sent from. The TCP/IP stack does the rest and the traffic is indeed sent from that adapter.
Plex can’t do that. They can only ‘prefer’ (listen on) which gains us nothing.
Your Syno is probably set with ‘eth0’ as the default adapter so DSM will do as instructed and send the traffic out eth0 regardless of what PMS prefers.
You probably have both eth0 and eth1 on the same subnet ? (e.g. 192.168.0.50 and 192.168.0.51 ) ??
This is not how adapters should be used on a box such as Synology.
It’s not industry standard usage which is one adapter per subnet (unless you really have control of the host – which we don’t on DSM)
In this two-on-a-subnet configuration, DSM will use those adapters interchangeably because either one will get to the subnet with equal metric (cost). We can’t manually create the routing table entries we need on DSM to do this the way we want so we do a workaround.
If you want to use the VPN. I recommend –
Create the bonded adapter (bond0) using both eth0 and eth1
Make it the default adapter
Set PMS to use bond0
Stop PMS
Start the VPN
Start PMS
Now, PMS will see one path - through the VPN - out to the internet on the ONE adapter.
Since that adapter also has a subnet presence, local LAN traffic will be unaffected.
Thanks for taking the time to spell things out - I confess I’ve hit the limits of my current understanding so it’s appreciated. I’d try your suggestion to bond the two adaptors but keep them on different subnets, however I need to resolve an issue with eth1 negotiating at 100Mbps instead of 1000Mbps, so I can’t bond them at present.
In the meantime I think I’ll try the NVIDIA Shield server option which should be quite a bit more straightforward!
