So, after a recent update, Plex Media Server is only available as an “indirect connection” when I access it off of my home WiFi/LAN. I have a separate Modem and Router. My modem has a different IP address than my router, as per “whatismyip.com”. I have the correct port forwarding set up on my router, but do I need to change my Modem’s IP address to match my router’s IP address, or vice versa? I am not sure my ISP will allow a static IP for my modem anyway. My router’s guide hasn’t been very helpful when discussing attempting to change the “WAN” settings. I can still access my media, but under sub-optimal conditions. My previous ISP had me use a combination modem/router. Any assistance is greatly appreciated.
1 Like
Anyone have any experience using Plex Media server through a modem and router?
Need to know a bit more.
Is your WiFi access point from your modem? Are you running DHCP - and is this generated from your router? Sounds like your WiFi network is outside your local network? Are you running any VPN?
Have you checked your security settings in PMS? What hardware are you using in PMS?
I have the same problem on nvidia shield tv as plex server.
The situation is like the picture you post.
I have tried to set port forwarding on my ASUS ac-68u router, but still failure.
Is this a bug of the newest patch published on 9/30?
2 Likes
I’m experiencing some of this with devices that are on the LAN. By no means should they be going outside of the LAN to access the Media Server. All have the “indirect” connection. There’s a few LAN devices that will not connect to the Server indirectly. My FireTV stick being one of them.
Check network setttings in your Plex Media Server. Change secure connections to “disabled”. Give that a whirl and let me know.
2 Likes
I’m also having this issue after playing around and finally getting https working.
Insecure connections (https doesn’t work when secure connections are “disabled”, so http connections) show as “nearby” while secure connections, when enabled (“preferred” in settings) show as “indirect” when on the same network.
On remote network, it shows as “remote” on secure connections and the redirects aren’t letting me get to the insecure app.
I don’t believe my setup is all that unusual, but I’m running plex on FreeNAS behind a pfSense firewall with upnp forwarding, which plex gets along with. The only unusual thing is I’m running a /32 subnet, my plex jail is on 192.168.1.XX and most everything else is on 192.168.3.*.
3 Likes
More info: It fixed itself overnight, somewhat. Remote networks now show my server as “remote”, but now the issue is rearing its head on LAN. I’ve narrowed the issue down slightly.
Normally, my server runs on 192.168.1., my computers are on 192.168.3., router on 192.168.0.*, all given a subnet of 255.255.252.0 by the router. This normally only causes issues for applications (like my switch) that require you to be on the same network to access them.
In this configuration, currently, accessing the server from app.plex.tv from a remote network now shows the server correctly as “remote”. However, accessing it from LAN via both HTTP and HTTPS show it as “indirect”. from both app.plex.tv and the server ip/plex.direct.
But! When I moved the server to a 192.168.3.* IP, the server correctly shows as “nearby” when accessed from HTTP and HTTPS on the server IP, and on HTTP when accessed from app.plex.tv. However it shows up inconsistently when accessed from app.plex.tv. When I first moved it over, it showed as “nearby” on HTTP but couldn’t be accessed from HTTPS. After waiting a bit, it could be accessed on HTTPS, but it showed as “indirect”. And after waiting, now HTTP also shows as “indirect”. Seems like some syncing issues there a little.
This does point maybe to an issue with how the server determines “nearby” status, however. Most people will run in a 255.255.255.0 subnet, but I suspect quite a few won’t. It should be possible for the server to get the correct subnet from the OS and apply it to the “nearby” algorithm. I just confirmed it’s not some dumb FreeNAS jail thing where the jail is getting the wrong netmask, it does show up as 0xfffffc00, which is correct.
@Spoontah said:
Need to know a bit more.Is your WiFi access point from your modem? Are you running DHCP - and is this generated from your router? Sounds like your WiFi network is outside your local network? Are you running any VPN?
Have you checked your security settings in PMS? What hardware are you using in PMS?
Wifi access is via a TP-Link router. The Modem is hooked up to the router. I am running DHCP generated from the router and my Moden (Arris Surfboard SB6141). My Media Server is installed on a PC with a reserved IP address.
@Spoontah said:
Check network setttings in your Plex Media Server. Change secure connections to “disabled”. Give that a whirl and let me know.
I have, no change. My router settings are fine, something is happening between my Modem and the Internet.
Alright, resolved the issue. I had to set my PC (Which hosts my Media Server) to a reserved IP address. Then I Port Forwarded to THAT address, no my Router’s generic LAN address. one router reboot later along with a Media Server restart and I got this:
2 Likes
Also having this issue after an upgrade from 1.0.0.something (I think) to 1.1.4.2757.
Secure connection (“preferred” in settings) gets me indirect on Plex Web on local LAN via https://app.plex.tv/web/app.
I can only get nearby by using the local IP directly, or by insecure connection (“disabled”) via http://app.plex.tv/web/app.
According to the remote access settings, everything should be fine…
Nothing unusual about the local LAN setup, evreything’s on the same subnet (192.168.1.xxx), only minor weirdness is that I have the router at 192.168.1.2 instead of the usual 192.168.1.1
OK, so there was a few things going on here after some debugging. We actually had changed our router a bit back due to general wifi instability, and that apparently forced all LAN clients to connect as “remote” which no one noticed at the time. This was revealed after downgrading to 1.1.3.2700. However, “remote” certainly was an upgrade over “indirect.” Then this was fixed by changing router settings as described here under DNS Rebinding
. Remote clients connected fine as remote.
However, after re-upgrading to 1.1.4, local clients connected as remote. So I’m sticking with 1.1.3 for now.
To summarize, with correct router settings:
- 1.1.3 local connects as nearby (good)
- 1.1.3 remote connects as remote (good)
- 1.1.4 local connects as remote (bad)
- 1.1.4 remote connects as remote (good)
With incorrect router settings:
- 1.1.3 local connects as remote (bad)
- 1.1.3 remote connects as remote (good)
- 1.1.4 local connects as indirect (bad)
- 1.1.4 remote connects as remote (good)
I’ve just fixed this issue with the DNS Rebinding settings for pfsense, since I use unbound/DNS Resolve in pfsense at home.
I have to say, the description of the kind of attack that it protects from though, does seem like a legitimate threat. I think the only reason it’s safe to disable it for ‘plex.direct’ is that we trust the owners of ‘plex.direct’… interesting!
3 Likes
Sharing my solution. I’m using dnsmasq and pointed to OpenDNS resolving name servers. Found that OpenDNS is resolving my xxxx.plex.direct hostname to hit-block.opendns.com, so that’s not gonna work. Eventually, I used:
rebind-domain-ok=/plex.direct/
server=/plex.direct/8.8.8.8
i.e. for domains ending in plex.direct, I’ll use Google DNS instead of the system default name server.
Hello,
I also have the same problem, immediately after updating to a new patch. Anyone resolve?
1 Like
Hi all,
Not sure if anyone has resolved their issues on here, however I have sorted mine.
A bit of background first. My server is running upstairs in my study and connected via WiFi. Everything else in the house connects via WiFi also. Was getting the message about an indirect connection to the server even though it is running on the same network. Finally noticed the option of selecting “preferred network interface” under network settings on PMS. This is set to “Any” by default. I chose the only other option in there, which was “WiFi 3” for me. Only thought to change this when i noticed it under “View your network properties” in Windows 10. Not entirely sure where this “WiFi 3” name came from or how it was set, as this is not my SSID(Wifi name)
This seems to have resolved my issue. Not sure this will work for everybody, but thought it worth sharing.
Cheers,
H
5 Likes
So I’m having a similar issue. I’ve got my PMS running in a docker container on an Ubuntu machine. It was just recently moved to this box after just being a service on my Debian machine.
The ports are forwarded, and I even adjusted the port forwarding to the docker IP. The server is accessible from outside of the network, but they are listed as “indirect” and the Plex settings say it’s not accessible remotely.
I’m having a similar problem. My PMS is running on Linux (Fedora 30) and is up to date. My Plex app runs on a Fire Stick and is also up to date. About a week ago I suddenly couldn’t access the server. This lasted for several days (during which time I updated Fedora, which I do regularly) and now the server does respond, but shows as “indirect”, unlike before. I’ve selected my specific network interface in PMS (instead of “Any”), restarted PMS, restarted the Fire app, and nothing makes any difference. I’ve even checked my dnsmasq settings on PMS and tried the rebind trick (see https://support.plex.tv/articles/206225077-how-to-use-secure-server-connections/) but it has no effect, and I’m already using the 8.8.8.8 DNS resolver. All my devices are on the same 192.168.1.0 subnet.
Edited 07AUG2019: I updated my router firmware and (touch wood) I now get a direct connection to my PMS machine. Unless it fails again, I’m going to assume that was the problem, even though the router (a ZyXel) was last updated only 6 months ago.
Thank-you, hbekkaya, this resolved my issue.
I am running my PMS in a docker container. The “preferred network interface” was also defaulted to Any. However, unlike yourself, I had a few options in there (including a couple of docker-generated interfaces.
Replacing Any with the interface corresponding to my PMS host, direct connection was possible. This also allowed remote connection.
1 Like
