Plex over Tailscale

jfiel20 · October 20, 2023, 3:01pm

I am running Plex in Docker. I have Tailscale on the host. I also have Tailscale on my iPhone. Tailscale is a VPN (in the traditional sense of allowing remote devices to access the LAN even when not connected to it).

When I am out the house I can access Plex on my home server using Safari on my phone despite not being on the LAN as Tailscale invisibly routes the network traffic back to my server. I have many other self hosted Docker containers on that server and I can access all of them remotely too over Tailscale, no problem.

The only exception is the Plex iOS app. I have added my server’s Tailscale IP address under Advanced>Server Connections but it gives me a 401 error message.

I am logged in to the app and it works fine automatically on the LAN using autodiscover but it won’t let me add the server by IP address and it doesn’t work remotely.

I am aware Plex has an integrated remote access solution but I already have Tailscale for this purpose and it has no bandwidth limits so I disabled remote access. This should make no difference as Tailscale is on the host and it works remotely in Safari, but as a test I tried enabling remote access. This didn’t work and it showed a red X in the settings page next to my IP address - I think this is because it assumes remote access will be over my public IP (where I have not opened the port) rather than through Tailscale (which has a different IP address) and I can’t see any setting to tell it what IP address to use.

This is NOT a Tailscale specific question as proven by the fact that it works remotely in Safari on the phone. Also the 401 error implies that it is connecting, just not authenticating (it gives a different error when can’t connect (1004)).

In Settings>Network I have whitelisted the entire Tailscale IP range and added the server’s Tailscale IP address to the custom server addresses.

This seems to be a bug with the IOS app or with the magic Plex tries to do to make its integrated remote access work - I just want Plex to stay out the way and let me route the traffic myself! This works when viewing my Plex server in Safari and with Jellyfin and all other apps. Is this possible?

jfiel20 · October 22, 2023, 1:13pm

Seem to have fixed it using Getting Plex Media Server to work with Tailscale - JJP Software

In short, it seems to be a combination of:

some bug in the Plex iOS client to do with auth
undocumented Plex ‘feature’ where non private IP ranges are silently not accepted in the whitelist ‘List of IP addresses and networks that are allowed without auth’ which is a problem as Tailscale is using the 100.64.0.0/10 space

I fixed it as suggested in the link by having my proxy replace the headers with a local IP address to fool Plex into thinking it’s local. It’s insane that this is required. I think I will stick with Jellyfin - ironically it has better support. Plex’s lack of support seems inexplicable for a fairly expensive paid app, and while it’s a bit slicker in places there’s also a lot of cruft.

m5gd9 · October 22, 2023, 5:06pm

I have no problems at at all using iOS Plex and iOS Plexamp on the road through Tailscale.
I can‘t remember doing some esoteric settings or installing third party tools to make this happen, it worked out of the box. This should be a good message — it will work. Somehow…

What are your network settings in Plex Server? Do you allow external access?

jfiel20 · October 22, 2023, 7:59pm

Thanks. What setting do you mean by external access? Do you mean Settings>Remote Access? I have enabled that but that settings page shows ‘Not available outside your network’ because it is not available on my public (non tailscale) IP address.

Under Settings>Network, are the following settings:

Secure connections: Preferred
Strict TLS: On
Local network discovery: On
Relay: Off (I don’t want to use Plex’s relay servers)
Preferred network interface: Any
Custom server access URLs: I have added my tailscale IP address
List of IP addresses without auth: I have added the Tailscale range but it seems to ignore it

It seems to work using my earlier workaround and I am ok with that, given I am running the proxy (Caddy server) anyway for my other containers.

It may be relevant that I am using Docker and bridged networking. I note that under ‘Preferred network interface’ the only other option is eth0 with the Docker IP address.

Topic		Replies	Views
Can No Longer Connect to Plex via 1st Party apps using Tailscale Remote Access server-mac , ios	3	877	March 24, 2026
Plex client remote access issue with Tailscale Remote Access networking	20	1170	March 22, 2026
Unable to connect to my Plex server with Tailscale with Plex app Remote Access server-windows	2	843	July 12, 2024
iOS Plex app via tailscale not recognizing server (auto and manual) Plex Players server-windows , ios-legacy	6	927	September 13, 2025
Plex Remote Access and Tailscale - ISP WAN IP forwarding to Tailscale IP Remote Access server-windows	1	321	November 16, 2024

Plex over Tailscale

Related topics