I’ve already gone that ‘network connectivity’ route, thinking ‘perhaps my ISP is having maintenance’
I can say with 98% certainty that a majority are not my end. Constant ping statistics from an external site after the 2nd or 3rd (don’t remember) day of 10+ notifications all come back clear.
I’m more likely to blame timeouts on Plex remote, or the timeouts internally due to DB opts.
It’s great that there is a community effort with trying to get to the core issues with these on going remote access bugs, although it has now been at least a month since this issue was prevalent on my particular server, and therefore I indeed decided to backdate the PMS server update to version 1.13.2.5142. Ever since I did this, there has not been any issues with remote access or Tautulli working in conjunction and being on all the time. If my pushover notification agent is enabled however, and sending to my iOS app, it will continue to send out constant loss and reconnect notifications regarding the remote access server issue (even when this is not the case, and is indeed working 24/7 with this particular update now). But what I am hoping though is that I can indeed update the server to the latest version of 1.13.4.5271, knowing that I am able to have a fully updated server, but without the remote access problems interfering. I too host a remote server and want the server to be working (if at all, and as efficient as possible).
So can someone please tell me if there is indeed a fix for this, a workaround, with using the latest PMS update and Tautulli being enabled as well? I am kinda feeling like I am lacking around 5 server updates up to .5271, but at the same time do not feel I can trust this re upgrade unless I have actually heard that the issue is fixed?
Thank you.
Could you get me logs of 1.13.2.5142 with debug logging enabled collected soon after relaunch of Plex Media Server - say 5 minutes after launch?
Hi to sa2000,
I am fairly new with the PMS logs department, and I understand that I can download the logs from the help section of the PMS (and currently have .5142 update installed) and send it to you, is this what you would like me to do? If not, please advise how to go about this or what logs you are talking about, cheers
Yes that would be what i want but not now. I need to see it just after a relaunch of Plex Media Server. So next time you restart Plex Media Server get me the logs zip captured 5 minutes after launch
I would like to compare that with 1.13.3.5208 and 1.13.3.5223
As requested, I have now PMed you the logs at about 5 minutes after restarting my PC and therefore also the PMS server, and then downloading the logs off the web app.
Just a note. I’m using the fixed public address. I’m writing my_public_ip:port (like 1.3.4.5:6789) instead to specify only the public port. Now it seem to work, no remote loss in the last days.
ciao
luigi
Thank you. Useful. But i need to tell you that you are getting connectivity test failures.
over a period of about 9 hours on 2nd August between 12:17:11 and 21:49:03, there were 576 requests to test connectivity and 322 of them failed to get request of GET /identity to reach your server. Only 254 tests got through. The ones that got through were from Plex Amazon Cloud IP addresses in ireland 54.246.141.109 and 54.246.248.53. The ones that got lost may have come from different Amazonws IP address
https://ip-ranges.amazonaws.com/ip-ranges.json
I do not know why the other 322 did not get through. Do you have any filters on any territories / IP blocks? Any bandwidth usage control software ?
I can tell you that I do not use any VPN software or anything else like that installed, although I do have Peerblock installed, which is simply using the default blocked IP listings update that was initially synced with this program, as to use the iblocklist list requires a subscription which I simply haven’t got around to as of yet. All IPs that are blocked are listed on the application as it comes to show, and which I have not seen anything out of the ordinary pop up?
I am now sending you the Peerblock default IP blocked listing via PM for today. And if you do believe this is the case, may I ask why my remote access is working, while for other PMS users it is not?
Edit: It’s past midnight here. I do need to head to bed, but will return within 8 - 10 hours time, cheers.
I think users should be upfront declaring things like this otherwise we waste a lot of time investigating.
I suggest you remove Peerblock from your system. Obviously they are not aware that Amazon Cloud Services host web sites for loads of different companies and they may switch their servers round and move clients web sites from one to another - therefore a strategy of blocking IP addresses within the Amazonws Cloud range is a No No.
I do not know which Amazonws IP addresses were used for all the connectivity tests but your Peerblock is blocking 3 IP addresses that are within the Amazonws IP ranges
It is blocking 34.244.145.207 and 34.244.6.8
These are within the Amazonws range 34.240.0.0 to 34.247.255.255
It is blocking 52.213.132.78
This is within the Amazonws range 52.208.0.0 - 52.215.255.255
You can see the peerblock blocked IPs file that it is referencing Plex port 32400
It is possible that the timing bug I mentioned before has some other manifestation when there is a connectivity test failure. This bug must be in a version later than 1.13.2.5142. Also 45% of the tests were successful - Peerblock has not banned all Amazonws addresses. Also Tautulli waits for a number failures before flagging it to the user.
Thank you sa2000 for your recommendation. It’s great that you have pointed out my potential installed software flaws re IPs that may have been blocked. But this does not solve the problem mate. If other users that are facing this remote access issue, and have the latest PMS server update installed, along with if they also have Peerblock/or other IP blocking software installed and what happens to their situation if they indeed disable Peerblock, I would like to know what happens - as it may or may not fix the underlying issue.
Peerblock is a great tool to inevitably block unauthorized IPs that are indeed intrusive and intruding into one’s internet connection from trying to get through, when they have no right to be intruding in the first place. As much as you believe Peerblock may be my case, as stated I need to hear from other users that may have the same setup, before blaming Peerblock as the root cause. Thank you.
@SunnyDays - Peerblock blocks too many “good” IPs with little easy way to allow for individual sites by name. I used it for many years - then I installed Plex, and quickly had to remove it.
Your issue isn’t the same as mine - every check my server attempted to try, it reached the check-in servers, it’s just that the check-in servers started saying “we don’t know you”
Most of your checks aren’t even making it, due to Peerblock.
As indicated
Yes I do understand, and I will indeed need sort out my own Peerblock installation. I do appreciate both sa2000’s response, efforts and yours in making that clear.
It sounds like this then may have sorted out one of ‘my’ issues with remote access connectivity, but not the underlying cause, as you have just pointed out @JamminR. Until this is sorted I will still not be re upgrading until things are resolved. cheers
For RJM22 or anyone else following the thread that use firewalls - if the firewall is separate of the server (not running on it), I strongly encourage using firewalls that allow whitelisting by domain NAME. Many domains now don’t use a static IP address. If the firewall is on the server itself, perhaps find a firewall that allows by application name (many Windows based firewalls, including Windows itself, do)
There are a few posts above where people fixed their remote issue by removing (geo or range) ip restriction.
Though I’m happy they are fixed, I feel it distracts from the original issue - a random loss of connectivity seemingly having nothing to do with local firewall or network. (But yes, possibly contributed (not fully caused) locally by actions of Tautulli)
I’m not much of a network engineer. So, are you suggesting we whitelist AmazonAWS.com?
I’m having the same issue. No peerblock, no VPN, ports are open.
A LOT of people are experiencing issues with this.
https://old.reddit.com/r/PleX/comments/946ydm/plex_server_not_available_outside_network_but_it/
Some sort of official statement regarding what is being done about it would go a long way here.
Edit: Looks like an employee said it is being looked into in this thread.
Notice how that guy wasn’t a total knob about it…
1 Like
Not amazonaws, though it would work but be too broad. Any Plex.tv domain. It would properly allow connection to any of the Plex servers. Primarily in this case I believe pubsub.plex.tv is the name the check access service uses.
Ah…thanks!
Ok guys. I have been following these threads about issues with remote access being down and fall into the category of the frustrated to say the least. But this weekend I believe I found the crux of what was going on for me and fixed it. I appologize if this does not belong in the area of posts but felt some of the information may help others to look at their setup. I am a long time plex user and through using it I have learned a lot about networking but mainly am a hobbiest. I am by no means an IT Networking expert.
First I think it is important to provide my setup. I have a QNAP TVS-EC880 NAS that runs my plex media server and stores all my media. I really think this post may still apply to other OS formats and server setups.
Here is where it gets important. I have ATT Uverse Gigabit service. Obviosly being fiber the speeds are amazing however the service is very “locked down”. They require you to use their “gateway” in order to use there service. There is no cable modem that I can plug my own router to. Plus the TVs run on the same gateway. I implore those who have uverse service to look closely at this. When I installed the service ~ 2 years ago I made amends with this and had set up this gateway in conjunction with my plex server as per Plex instructions manually specifiying port and what not (My most recent ATT provided gateway is an Arris BGW210-700 - touted as the “best” gateway they have). I had to learn how to port forward with their terrible GUI but literally had several years of uninterrupted remote access. Never had a problem.
So I think problems started maybe 4-5 months ago maybe longer? I started noticing the green remote access light turned to red and stayed red. It was strange at first but all of my remote users still said they had access. So figured it was probably a Plex issue with an update. No biggy still worked… Until these last few rounds of Plex updates. Then “s” hit the fan. Basically no “direct” connection to my server from remote plus just started having a bunch of issues with remote streaming. Plex tried to keep it up and running (god bless it) by using the “indirect” streaming method. Pretty cool of them to have this feature but still my users were only able to stream max 720p and 1 mbs and mostly did not work. Just not the solution I was happy with.
What was really interesting is that I could down grade my server to an older plex version and it would “work” better. I was thinking this then must be a Plex side issue for sure with the latest updates. I have my ports set, nothing has changed, I didn’t start any new firewall, vpn, etc. Truly had not changed anything with my setup. Figured I should wait until Plex sends out an update and fix the problem for me… However I went back to my “trusty” Arris gateway to recheck my settings. As I was going through the settings I did notice that I felt the GUI had changes some. There were new settings I didn’t remember seeing. I then felt ATT maybe changed some stuff up on me and wasn’t allowing plex through because they added new firewall setting and packet protection settings. I decided to test this on the gateway side by turning off all firewall settings and packet protections and what not. To no avail - light would pop green for a few seconds then back to hard red. Plus this probably is not a good idea to keep that stuff off on a regular basis anyways. So I figured that my gateway must not be the issue if turning off all of the security features didn’t do the trick then it must be Plex.
So back to Plex I went. Pulled my logs even though I really have not much of a clue what I am looking at but decided to see if I was getting some Pubsub async errors too. Sure enough there they were. Also found an interesting line in the code that said WARN NAT: PMP, got an error: Not supported by gateway. After that then the PubSub Errors started coming through. Now maybe this is just dumb luck but after I saw the error with the “gateway” I decided to take that out of the equation.
Ok so grabbed an older linksys router (EA6300) and set off to bypass the Arris gateway and let linksys give it a shot. So the only way to do this is to put the Arris gateway into IP Passthrough mode. This did take some time but worked my way through it. Finally had my linksys router handling the public address, had my ports forwarded on it, and my server has its DHCP reservation on the linksys. Also have to check for double NAT but once this cleared…Low and behold the damn light stayed green. Remote access restored. Had several friends test it remotely just to be sure and they no longer had indirect access.
I did this 2 days ago and waited to see if it dropped. It never did. So just as a little side note - I went out and got brand new Netgear Orbi Pro (srk60) wifi mesh network (total overkill for my house although it has 4 stories and I don’t run a business out of my home…). I Installed it today had to reconfigure IP pass through once again on my ATT gateway for it and it still worked! I also updated to newest server release (I am plex pass for life so have access to newest). Darn light still staying green and friends have remote access. At this point I feel I have won this round…
Summary/Speculation/Tin hat/Conspiracy Theories
First I hope this has been helpful and not way off base. Some things that struck me is that I had to try and figure out whether this was a Plex issue or a “router/gateway” issue. I think this could possibly be a little of both. I recently read that Plex has now created a media server that works on routers independently. Could this setup trigger something in the ATT gateway to block all access to internal server? More than likely though it is the “Man” ATT that has decided that they needed to send router/gateway firmware update that was incompatible with Plex just to stick it to us for using up their precious gigabit bandwidth that I pay good freaking money for! Also I am still required to use their provided crappy gateways. I still have to plug my ethernet connected cable boxes into the gateway to watch TV. There is no way around it as far as I have been able to research. The other thing is the recent news of many routers having certain malicious firmware installed on them may have triggered something from ATT and they freaked out not wanting their gateways to become infected… Sorry if I have offended any ATT employees but I do think they could look into providing gateways that are more mainstream.
So in conclusion if this story maybe sounds familiar and if you are having remote access issues I would def look at the router/gateway configuration and if it is your ISP that provided you with it see if you can bypass it (IP Pass Through/Bridge) with a “normal” router. If not maybe your personal router had firmware updates that added something in a recent update that is not compatible with plex. Then recheck everything. Also be sure to reboot things a lot and basically reset up your entire network. 
falcon out!
So @JamminR, when you speak of adding the ‘pubsub.plex.tv’ to the Peerblock allow list, I am guessing this is how to then add it?:
Peerblock > List Manager > Add > Add URL: ‘http://pubsub.plex.tv’ > Type = Allow ?
Also, under Port Settings > Add > Allow From = Both > Port = 32400 ?
I am unsure of any other way I could do this (and are unaware of any other IP blocking application either)?
Thanks
