Hey everyone,

I’m running a Plex server on my Synology NAS and trying to access it remotely using a Cloudflare Tunnel due to my ISP using CGNAT, which prevents traditional port forwarding.

After researching potential solutions, I came across this guide, which was suggested by other Redditors in this thread. I followed the steps and have Plex working externally in a web browser, but I still can’t get the Plex app (desktop or mobile) to connect.

Current Setup:

• Plex Server: Running on Synology NAS
• Domain: mydomain.com (with subdomain plex.mydomain.com)
• Cloudflare Tunnel: Routes traffic to NAS server on port 32400
• Plex Settings:
  • Remote Access: Disabled (forcing all connections through Cloudflare)
  • Custom Server Access URL: https://plex.mydomain.com:32400
  • TLS Verification: Disabled
  • WebSockets: Enabled

Current Behavior:

I can access Plex externally via https://plex.mydomain.com in a web browser.
The Plex app (desktop & mobile) fails to connect externally.

I’m using the Plex app to test access because I want to ensure friends/family can connect without issues, regardless of their device.

Troubleshooting Steps Taken:

1. Ensured Cloudflare Tunnel is correctly routing traffic – Web access confirms this.
2. Disabled Remote Access in Plex and pointed it to the correct Custom URL.
3. Verified the Discovery API Response – The public address does not match my defined domain.
4. Obtained and applied a Cloudflare Origin Certificate to my Synology NAS.
5. Enabled Debug Logging in Plex – No “failed to connect” errors in logs.
6. Tried HTTP & HTTPS connections, both direct and through Cloudflare.
7. Cleared Plex app data and reinstalled it on test devices.

Next Steps / Questions:

• How can I ensure Plex properly reports my public domain in the Discovery API?
• Is there a way to force the Plex app to recognize my Cloudflare-routed address?
• Would a different Cloudflare setting (e.g., Proxy Mode, caching rules, etc.) be causing this?
• Has anyone successfully used a Cloudflare Tunnel with Plex and had full app functionality?

At this point, I feel like I’m missing something small but critical. Any guidance from those who’ve successfully done this would be greatly appreciated!

I checked your Plex.tv account info.

Server “H-G-P” is coming up as a local lan server address (“dp.lp.eieio”)

The important piece missing is the server address is NOT published.

1. Confirm you have a full URL in Settings - Server - Network - Custom Access URL

2. Enable Remote Access once to kickstart it so Plex.tv “publishes” it.

Chuck,

Thanks so much for taking the time to look at my account in particular… this has been a frustrating issue to troubleshoot over several weeks, and I really appreciate your help.

I updated my custom url to NOT include the port designation (I previously had https://www.ip.com:32400). Then I enabled remote access, disabled “manually specified port”, and retried. On my test device it appears to be working without the relay, I’ll confirm with my family later today.

It does appear that through the PLEX Settings, Remote Access shows “not available” and has a red exclamation mark, despite having an active connection. Does this mean there’s any additional issue(s) to troubleshoot?

Thanks,
DarklighterDude

How to you have your remote access configured (details)
-and-
Do you have regional access blocking in your firewall ?

Custom server access URLs are usually of the form:

1. https://FQDN.url.tld:port (when manually configuring WAN port)
2. https://FQDN.utl.tld (when letting PMS use UPNP for port management)

You’ll also need to add your cert (Cert, Key, CA in a P12) to PMS so it accepts the inbound connection and then transitions to the plex.direct for all other connections.

Before I forget, there are two server IPs (sidekiq) which perform the Remote Access test

Make certain to allow these through the firewall rules

• 54.170.120.91
• 46.51.207.89

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.