Plex not working with QNAP DTS 5.2.6

Server Version#: 1.42.1.10060
Player Version#: QNAP DTS 5.2.6.3195

Ive looked at the QNAP FAQs but can’t see an answer to my problem. Apologies if I missed it. Apologies also for the length of this post but I wanted to give as much info as possible to help anyone give me an answer!

I have a QNAP TS-253D and have for many years run Plex successfully on it, installing the latest versions manually. I don’t often need to login to the NAS so it often runs QNAP firmware and Plex several versions behind the current ones.

I recently tried to use Plex on my Roku, iPhone and iPad and got error messages saying my Plex server was too old. At the same time I needed to power down my NAS and disconnect it for a week or so thanks to building work. When I switched the NAS back on my router had assigned it a different IP address: I thought I had given it a reserved address but obviously not! No big deal - I’ve amended everything to use the new IP address, or I think I have.

The NAS said I needed to update the firmware (which I did) and then manually installed the latest version of Plex.

It doesn’t work. Plex on the QNAP won’t open. When I click on the Plex app on the QNAP desktop (the one I installed manually), it refuses to open and says that Safari can’t access the IP address (which it obviously can as I’ve already accessed it to login to the NAS). If I delete Plex and reinstall the older version from the QNAP App Store, it does work and I can see my libraries but can’t access them on my other devices, which is the whole point of having Plex in the first place. I’m about to give up and use Emby instead. Any ideas to avoid that and keep using Plex?

Using the PMS supplied by plex.tv is the way to go. (Stable public version is very good.)
Setting a static IP address within QTS is also the best thing.
Setting QTS to use Cloudflare as your DNS server (1.1.1.1) is the most helpful.
Allowing access over SSH from your LAN only to the QNAP is another useful feature.

Plex has always lived in /share/CACHEDEV1_DATA/.qpkg/PlexMediaServer/ afaik unless you chose a different name. I figure most of your configuration is still stored there. Upgrades and downgrades have historically been non-destructive.

Let’s assume you have PMS “started” via the QTS app manager as versus “stopped” and that you have done the things I suggested in the first paragraph.

The next thing you want to try is sitting down on the Mac on your LAN and reaching out to PMS. Let’s start with insecure http and progress to secure https to communicate with it.

1. On your Mac turn off your firewall for now to avoid issues contacting plex.tv.
2. Open Safari and go to http://lan.ip.of.qnap:32400/identity
3. That should return a small amount of XML data confirming that PMS is running.
4. The XML data should have a field for claimed
5. If it says claimed="0" then PMS still needs to be claimed by you.
6. If it says `claimed=“1” then the server is claimed, hopefully by you with your current credentials as versus your old plex.tv credentials which you might have recently reset.

If you were able to get XML data back and confirmed PMS is running, you should now be able to access the Player interface insecurely or securely depending on the whether it’s claimed by your current credentials.

1. Start by going to http://lan.ip.of.qnap:32400/web
2. It should load what we call the bundled web app (a plex player).

Let us know how far you get with this. Based on what you see determines the next steps.

jumping on here. .last week I upgraded QNAP to QTS 5.2.6 and plex stopped working for external connections. I am able to use it in my LAN, but no longer outside.

port forwarding is enabled, even asked my ISP for advice and tried a different modem/router/firewall, same issue.

server “remote access” says “reachable” (green) for 5 seconds, then goes to “not reachable” (red)

no external IPs in log. trying the beta now.

no luck. same problem. server says “fully accessible” for seconds > then changes its mind.

log shows it can see my external IP:

Sep 27, 2025 21:41:07.029 [139737146243896] Debug — [Req#958] MyPlex: Published Mapping State response was 201
Sep 27, 2025 21:41:07.029 [139737146243896] Debug — [Req#958] MyPlex: Got response for 6301379072d56ccaaf4dad06855fac3a174f4c03 ~ registered [MY PUBLIC IP]:32400
Sep 27, 2025 21:41:07.029 [139737146243896] Debug — [Req#958] MyPlex: updating mapped state - current state: 'Mapped - Not Published'
Sep 27, 2025 21:41:07.029 [139737146243896] Debug — [Req#958] MyPlex: mapping state set to 'Mapped - Publishing'.
Sep 27, 2025 21:41:07.029 [139737146243896] Debug — [Req#958] MyPlex: async reachability check - current mapped state: 'Mapped - Publishing'.
Sep 27, 2025 21:41:07.029 [139737146243896] Debug — [Req#958] MyPlex: Requesting reachability check.
Sep 27, 2025 21:41:07.029 [139737146243896] Debug — [Req#958/HCl#ac] HTTP requesting PUT https://plex.tv/api/servers/6301379072d56ccaaf4dad06855fac3a174f4c03/connectivity?X-Plex-Token=xxxxxxxxxxxxxxxxxxxx&asyncIdentifier=45f06167-7216-4ca5-a8f9-61530e0f357b
Sep 27, 2025 21:41:07.072 [139737171696440] Debug — [HttpClient/HCl#ac] HTTP/1.1 (0.0s) 200 response from PUT https://plex.tv/api/servers/6301379072d56ccaaf4dad06855fac3a174f4c03/connectivity?X-Plex-Token=xxxxxxxxxxxxxxxxxxxx&asyncIdentifier=45f06167-7216-4ca5-a8f9-61530e0f357b (reused)
Sep 27, 2025 21:41:07.073 [139737146243896] Debug — [Req#958] MyPlex: Updating device connections (from timer: 0)
Sep 27, 2025 21:41:07.074 [139737146243896] Debug — [Req#958/HCl#ad] HTTP requesting PUT https://plex.tv/devices/6301379072d56ccaaf4dad06855fac3a174f4c03?Connection[][uri]=http://[MY PUBLIC IP]:32400&Connection[][uri]=http://192.168.42.213:32400&httpsEnabled=1&httpsRequired=0&dnsRebindingProtection=0&natLoopbackSupported=1&X-Plex-Token=xxxxxxxxxxxxxxxxxxxx
Sep 27, 2025 21:41:07.157 [139737171696440] Debug — [HttpClient/HCl#ad] HTTP/1.1 (0.1s) 200 response from PUT https://plex.tv/devices/6301379072d56ccaaf4dad06855fac3a174f4c03?Connection[][uri]=http://[MY PUBLIC IP]:32400&Connection[][uri]=http://[NAS IP]:32400&httpsEnabled=1&httpsRequired=0&dnsRebindingProtection=0&natLoopbackSupported=1&X-Plex-Token=xxxxxxxxxxxxxxxxxxxx (reused)
Sep 27, 2025 21:41:07.229 [139737187932984] Verbose — Comparing request from ::ffff:192.168.42.254 against ::ffff:192.168.42.0/120
Sep 27, 2025 21:41:07.229 [139737187932984] Debug — Request came in with unrecognized domain / IP '[MY PUBLIC IP]' in header Host; treating as non-local
Sep 27, 2025 21:41:07.230 [139737177017144] Debug — Request: [192.168.42.254:52403 (Allowed Network (Subnet))] GET /media/providers (10 live) #a5d TLS GZIP Signed-in Token (REDACTED) / Accept => application/json / Accept-Encoding => gzip, deflate, br, zstd / Accept-Language => en / Connection => keep-alive / Host => [MY PUBLIC IP].f97889efb7c146f58e03318445219192.plex.direct:32400 / Origin => http://[NAS IP]:32400 / Referer => http://[NAS IP]:32400/ / Sec-Fetch-Dest => empty / Sec-Fetch-Mode => cors / Sec-Fetch-Site => cross-site / User-Agent => Mozilla/5.0 (X11; Linux x86_64; rv:143.0) Gecko/20100101 Firefox/143.0 / X-Plex-Client-Identifier => ut3b00g675g47f51hve1ovpp / X-Plex-Device => Linux / X-Plex-Device-Name => Firefox / X-Plex-Device-Screen-Resolution => 757x1053,1920x1200 / X-Plex-Features => external-media,indirect-media,hub-style-list / X-Plex-Language => en / X-Plex-Model => bundled / X-Plex-Platform => Firefox / X-Plex-Platform-Version => 143.0 / X-Plex-Product => Plex Web / X-Plex-Session-Id => d7f599a1-41ad-494a-880f-dc18cf525b0e / X-Plex-Token => xxxxxxxxxxxxxxxxxxxx / X-Plex-Version => 4.147.1
Sep 27, 2025 21:41:07.233 [139737187932984] Verbose — Comparing request from ::ffff:192.168.42.254 against ::ffff:192.168.42.0/120
Sep 27, 2025 21:41:07.233 [139737187932984] Debug — Request came in with unrecognized domain / IP '[MY PUBLIC IP]' in header Host; treating as non-local
Sep 27, 2025 21:41:07.233 [139737156791096] Debug — Request: [[ROUTER IP]:36145 (Allowed Network (Subnet))] GET /media/providers (11 live) #aa4 TLS GZIP Signed-in Token (REDACTED) / Accept => application/json / Accept-Encoding => gzip, deflate, br, zstd / Accept-Language => en / Connection => keep-alive / Host => [MY PUBLIC IP].f97889efb7c146f58e03318445219192.plex.direct:32400 / Origin => http://[NAS IP]:32400 / Referer => http://[NAS IP]:32400/ / Sec-Fetch-Dest => empty / Sec-Fetch-Mode => cors / Sec-Fetch-Site => cross-site / User-Agent => Mozilla/5.0 (X11; Linux x86_64; rv:143.0) Gecko/20100101 Firefox/143.0 / X-Plex-Client-Identifier => ut3b00g675g47f51hve1ovpp / X-Plex-Device => Linux / X-Plex-Device-Name => Firefox / X-Plex-Device-Screen-Resolution => 1865x1053,1920x1200 / X-Plex-Features => external-media,indirect-media,hub-style-list / X-Plex-Language => en / X-Plex-Model => bundled / X-Plex-Platform => Firefox / X-Plex-Platform-Version => 143.0 / X-Plex-Product => Plex Web / X-Plex-Session-Id => d7f599a1-41ad-494a-880f-dc18cf525b0e / X-Plex-Token => xxxxxxxxxxxxxxxxxxxx / X-Plex-Version => 4.147.1

then some external IP (plex?) Akamai / Linode does this:

ep 27, 2025 21:41:12.108 [139737185823544] Debug — [EventSourceClient/pubsub/178.79.145.139:443] PubSub: Got notified of reachability for async identifier 45f06167-7216-4ca5-a8f9-61530e0f357b: 0 for [MY PUBLIC IP]:32400 (responded in 5035 ms)
Sep 27, 2025 21:41:12.108 [139737185823544] Debug — [EventSourceClient/pubsub/178.79.145.139:443] MyPlex: reachability check - current mapping state: 'Mapped - Publishing'.
Sep 27, 2025 21:41:12.108 [139737185823544] Debug — [EventSourceClient/pubsub/178.79.145.139:443] MyPlex: mapping state set to 'Mapped - Not Published (Not Reachable)'.

and it goes “unavailavle”

This is:

1. PMS being optimistic as it sends out the “Can you talk to me?” request
2. If the answer comes back as “No”, it turns back to red.

This means that:

1. Either the port forwarding isn’t aligned / working
2. The sidekiq server IPs are prevented from connecting (GeoIP blocking?)

hey there

178.79.145.139 - is this sidekiq?

I already accused my ISP of blocking but they gave me weasel answers…

can you help me prove it to them?

so far I have tried

• different router (from isp and my own)
• DSL bridge and PPPoE directly from within PFsense
• firewall/NAT from built in the router and PF sense, both work for port 80/443 but not for 32400.
• translating port 32401 to inside 32400
• install PMS current beta version
• uninstall plex server and reinstall the regular version.
• at this point I think it’s either the ISP or something in qnap/QTS changed last weekend

any other hints?

thank you

Plex’s sidekiq servers are listed here:

https://s3-eu-west-1.amazonaws.com/plex-sidekiq-servers-list/sidekiqIPs.txt

The values it returns currently are:

54.170.120.91
46.51.207.89

With all you’ve tried, back to basics please?

What service do you have? Coax (cable), Fiber ?, Telco?
How many modem/routers do you have chained together?

Here is a pfsense Firewall / NAT / Port Forward rule
It is the only modem/router in the loop. It receives from the ISP and creates my 192.168.0.x LAN as well as does the port forwarding from the internet.

It reads:

1. Traffic arriving on the WAN adapter
2. using TCP protocol
3. From my “Allowed Remotes” group (a list of known IPs)
4. From any port on their side
5. Which is targeting my WAN address (the ISP assigned IP address)
6. with destination port port 31417

7. Is forwarded to 192.168.0.20 (the PMS server
8. port 32400

When you fill out the form for this, it looks like:

Screenshot from 2025-09-27 19-10-231156×1186 113 KB

The “Allowed Remotes” alias includes the Plex Sidekiq server IPs. This is how Plex is able to test if I’m “reachable” and my remote access works.

As for things to try.

This is a sign you’re talking to Plex.tv

[chuck@lizum ~.2001]$ curl plex.tv
<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
[chuck@lizum ~.2002]$ 

thank you.

Summary

What service do you have? Coax (cable), Fiber ?, Telco?

DSL connection from a local telco

How many modem/routers do you have chained together?

I tried with the combined modem/router from the ISP (draytek vigor thing)

and I tried with a DSL bridge that is connected directly into a LAN port of my QNAP. PFsense runs there, doing PPPoE with the ISP. Both don’t play nice.

image463×325 31.8 KB

Here is a pfsense Firewall / NAT / Port Forward rule

I tried with 32400 and 32407, both look good. Also seen in logs. (it arrives at the server)

Screenshot From 2025-09-28 07-37-461218×911 109 KB

firewall session/state:

image1146×175 61.8 KB

I do see this after a while.. IP .254 is the pfsense. relevant? or just session cleanup?

Sep 28, 2025 07:47:51.763 [139737185823544] Verbose — We didn't receive any data from 192.168.42.254:45760 in time, dropping connection.
Sep 28, 2025 07:47:52.179 [139737185823544] Verbose — We didn't receive any data from 192.168.42.254:42526 in time, dropping connection.
Sep 28, 2025 07:47:52.182 [139737185823544] Verbose — Didn't receive a request from 192.168.42.254:42526: End of file
Sep 28, 2025 07:47:52.191 [139737185823544] Verbose — We didn't receive any data from 192.168.42.254:22382 in time, dropping connection.
Sep 28, 2025 07:47:52.194 [139737185823544] Verbose — Didn't receive a request from 192.168.42.254:22382: End of file
Sep 28, 2025 07:47:53.057 [139737185823544] Verbose — WebSocket: processed 1 frame(s)
Sep 28, 2025 07:47:54.764 [139737187932984] Verbose — Didn't receive a request from 192.168.42.254:45760: stream truncated
Sep 28, 2025 07:47:57.093 [139737187932984] Verbose — We didn't receive any data from 192.168.42.38:41584 in time, dropping connection.
Sep 28, 2025 07:47:57.128 [139737187932984] Verbose — Didn't receive a request from 192.168.42.38:41584: End of file

talking to plex.tv

works.

a******@echobase:~$ curl plex.tv
<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>

so.. either the server is borken or my ISP is doing black magic stuff that is evil. I am running a pi-hole with OpenDNS as upstream. Also I force all other LAN clients there, if they try to bypass it. (via the pfsense).. and I disallow things like quic or DoH towards any of the big DNS servers… does plex need to talk to them directly?

DNS record [plex.direct].plex.direct looks good and resolves to my public IP.

andreas@echobase:~$ nslookup 77-161-[REDACTED].f97889[REDACTED]219192.plex.direct
Server:		192.168.42.204
Address:	192.168.42.204#53

Non-authoritative answer:
Name:	77-161-[REDACTED]f97889e[REDACTED]19192.plex.direct
Address: 77.161.[REDACTED]

I will try one more thing, using the ISP’s DNS servers. But then I am out of options.

EDIT: no joy. Everything is now “default” as the ISP wishes it.

the thing that keeps popping up is this IP: 178.79.145.139 (linode/akamai) - sure that is not one of yours? then it’s maybe a web firewall / honeypot of my ISP?

Sep 28, 2025 08:32:21.591 [139737187932984] Debug — [EventSourceClient/pubsub/178.79.145.139:443] MyPlex: reachability check - current mapping state: 'Mapped - Publishing'.
Sep 28, 2025 08:32:21.591 [139737187932984] Debug — [EventSourceClient/pubsub/178.79.145.139:443] MyPlex: mapping state set to 'Mapped - Not Published (Not Reachable)'.

The NAS was updated on the 23rd. but my kid tells me it stopped working on 20 sept already (when he wanted to watch something) - (I did reboot the box, no joy) - there was, however, a plex update… can this be related?

I am in the log directory of the QNAP but I can’t find anything useful there.. any pointers what to look for?

can I downgrade plex to test? is that an option?

or should I just blame my ISP? or plex?

I mean:

[Req#cdac] MyPlex: Sending Server Info to myPlex (user=[REDACTED], ip=77.161.[REDACTED], port=32407)

[Req#cdac] MyPlex: Got response for 630137[REDACTED]174f4c03 ~ registered 77.161.[REDACTED]:32407

EDIT2: the server seems to be a DNS server. name: pubsub09.pop.lhr.plex.bz

ndreas@echobase:~$ nmap 178.79.145.139
Starting Nmap 7.97 ( https://nmap.org ) at 2025-09-28 08:38 +0200
Nmap scan report for pubsub09.pop.lhr.plex.bz (178.79.145.139)
Host is up (0.016s latency).
Not shown: 997 filtered tcp ports (no-response)
PORT    STATE SERVICE
53/tcp  open  domain
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 5.40 seconds
andreas@echobase:~$ nslookup 
> server 178.79.145.139
Default server: 178.79.145.139
Address: 178.79.145.139#53
> plex.tv
Server:		178.79.145.139
Address:	178.79.145.139#53

Non-authoritative answer:
Name:	plex.tv
Address: 34.254.54.72
Name:	plex.tv
Address: 34.254.245.199
Name:	plex.tv
Address: 54.76.243.238
Name:	plex.tv
Address: 3.248.163.211


> 77-161-[REDACTED]19192.plex.direct
Server:		178.79.145.139
Address:	178.79.145.139#53

Non-authoritative answer:
Name:	77-161-[REDACTED]5219192.plex.direct
Address: 77.161.[REDACTED]
> 

EDIT 3: I give up

all the other services on my NAS work.. I even re-built the firewall and NAT rules, including PnP

yet.. after a minute >> unreachable.

Sep 28, 2025 15:03:25.983 [139737185823544] Debug — [EventSourceClient/pubsub/139.162.215.242:443] EventSource: Got event [data] '<Message address="77.161.[REDACTED]" port="32407" asyncIdentifier="a920628d-a17a-40d2-aa1c-0fe7f400520c" connectivity="0" command="notifyConnectivity"/>'
Sep 28, 2025 15:03:25.983 [139737185823544] Debug — [EventSourceClient/pubsub/139.162.215.242:443] PubSub: Got notified of reachability for async identifier a920628d-a17a-40d2-aa1c-0fe7f400520c: 0 for 77.161.[REDACTED]:32407 (responded in 5024 ms)
Sep 28, 2025 15:03:25.983 [139737185823544] Debug — [EventSourceClient/pubsub/139.162.215.242:443] MyPlex: reachability check - current mapping state: 'Mapped - Publishing'.
Sep 28, 2025 15:03:25.983 [139737185823544] Debug — [EventSourceClient/pubsub/139.162.215.242:443] MyPlex: mapping state set to 'Mapped - Not Published (Not Reachable)'.

hey @ianforber

sorry for hijacking your thread… but my problems started with QNAP version 5.2.6

QNAP now has a firewall.. I have NO CLUE how I enabled it, as it wasn’t even installed, but I remember I was messing around in Control panel > System > Security > Allow/Deny List
and wondering if that is actually for the NAS itself (like.. admin interface) or for the services behind it.

anyway.. I installed QuFirewall from the app store > then disabled it.

check if it works again. (assuming you have some kind of firewall going)

@ChuckPa I am embarrassed and sorry. But there is a firewall now in qnap. TIL

@blackpaw

1. QuFirewall is not required. ( I am running on both 5.2.6 and 5.2.7 - two machines)
   

   

   Screenshot from 2025-09-28 16-14-31510×281 42.4 KB

2. Combining modem/routers creates Double NAT – which is alias for “CHAOS!”

3. What’s the make/model of the ISP modem and can you log into it for Port Forwarding configurations ?

4. Removing PfSense from the chain is advised (you have double NAT or multi-path with both involved)