Not available outside your network, but custom domain works

Server Version#: 4.147.1
Player Version#: N/A

Good afternoon! I recently moved from a Synology implementation of PMS to ProxMox → Docker → PMS. I didn’t use remote access much before, but I’d like to now.

I have a static IP from my ISP, and am running the Cloudflared tunnel to give me a plex.mydomain.com address - this is working fine and resolves properly in a web browser.

However, I can’t figure out how to get the plex.tv page to securely connect to the PMS. I’ve added plex.mydomain.com to the Settings → Network → Custom Server Access URLs, and restarted PMS. When I look on the plex.tv page, the link for “Try to navigate directly…” shows the custom URL + “:32400/web/index.html” - which isn’t a valid DNS-routable address. I’m not interested in port-forwarding just for this… but I would think that having a Cloudflared tunnel would allow an SSL-secured connection to be used by plex.tv to connect to the PMS.

Maybe I’m missing something in the protocols, but if that Custom Server URL contains a valid routable domain, why does plex.tv need to append the port (and thus fail to connect)?

EDIT: for clarity, the initial connection is SSL to plex.mydomain.com, and then forwards properly to my actual server, which is NOT running an SSL cert. But because the domain name is routable, I would think that after connection plex.tv could connect to PMS using the cert Plex set up on PMS. My PMS logs -seem- to show a valid cert install for a plex.direct etc… So I’m pretty sure that part is working - just not the connection between plex.tv and my PMS.

EDIT2: I set up a temporary port forward on my router to test - and that works fine, plex.tv connects. So the only problem is connectivity between plex.tv and my PMS, which -should- be fine using the domain name as described above. If the mechanism that plex.tv is using to connect was more flexible or took into account the custom server names, I think this would work just fine, and give people an option to not port-forward.

Since this got no traction or reply… I went on a crusade to figure it out for myself.

Apparently, the Remote Access setting -always- tries to use its own comms channels between the local server and plex.tv. If you enable NAT PMP, that works with remote access. If you port forward and specify the port, that works. Both of those get you the cool graphic that says it’s working (or not).

But what it also does is -disable- the ability to use the “Custom Server URL” setting (under Network). So if you have the Remote Access setting turned on, it ignores any custom URLs you have set up.

The fix for me that seems to be working (at least for a few hours now) is to turn OFF Remote Access, and add my custom server URL to the local plex server, remove the server from my plex.tv account, restart the local plex server (this lets plex.tv re-add the server with all the settings). Working just fine now, and let me delete my port forward config and disable NAT PMP on my router.

Hope this helps someone out later!