70.32.6.102 is a PIA IP address according to https://spur.us/context/70.32.6.102
PIA does have port forwarding but as far as I remember the port can’t be set by you. You have to see which port PIA forwarded then change the port in PMS to match. It can change every time PIA connects.
Same issue here. All users now seem to be experiencing this on my server, and I’ve even caught it going from Available to Not Available on the console. uPnP is enabed on router, and I’ve tried manual forwarding, changing firewall rules etc etc.
About a week or so ago, things were so consistently stable - one user commented that Plex was more stable for him than any of his Netflix, Prime or Disney+ accounts. Now it is so frustrating for users to be booted out at random, then presented with a blank menu.
Is a fix inbound for this? Things used to be perfect and now they are so unstable they’re unusable.
The OP has a VPN issue. Do you?
If not I would suggest starting your own thread and give us some details.
(The quoting system here is odd…)
If the Relay is disabled, you absolutely need an accessible port for remote access to work.
Whether that’s forwarded automatically with UPnP, or manually in a router, or by calling your ISP, or on your VPN provider’s web page. The method will change based on your setup.
I’m not saying that I don’t need this. I’m saving I do and I have done it. But then it breaks and it shouldn’t.
If your VPN reconnects frequently or is “leaky” that could explain some of the intermittent behavior. Maybe UPnP does work and Plex is establishing connectivity while the VPN is not active, for instance.
The way that software works is deterministic. IOW if you try the same action given the same inputs and config you should expect the same result. IOW if it was able to forward the port using UPnP before it should be able to do it again. Ergo it shouldn’t break
It would be interesting to try a few things -
My problem is in that last step. You see my users are not computer geniuses. Further, they are not always responsive. They don’t want to work with to solve the problem any more than they want to work with say NetFlix engineers to solve a problem ('cept they’re paying NetFlix and that might motivate them to call up, ■■■■■, complain and perhaps work with an engineer). Assuming my “try getting to my Plex Server from my phone’s cellular network” is a valid way to test remote access I can do that. But the problem is more like at 10 Pm or so one of my users will want to watch something from my server and it’ll fail and they give up. Later I’ll ask them if they are enjoying my server and they’ll say something like “it hasn’t been working for me so I just go to my NetFlix or Hulu”. They are not motivated at 10 Pm to call me or text me or work with me while I twiddle bits on my server and collect logs. In fact, I’m often in the dark that last week at 10 Pm they were having troubles with streaming things from my Plex server. And, of course, I don’t experience those same troubles because I’m on my local LAN where everything works and everything works fast.
And then to compare -
I think I’d rather try to figure out how to tell the PIA VPN not to include the PMS in the VPN. Again, I’ve done this on my desktop Ubuntu system but I haven’t found how to do that on the Synology. On Ubuntu there’s a GUI client with Settings. There is no such thing on the Synology version. There is, however, a settings.json file on my desktop that specifically mentions Firefox, a process I’ve exempted from PIAs VPN. I’m wondering if I can find that same settings.json file on the Synology but I couldn’t even find any file with “pia” in the file name so I don’t know how it’s even executing yet.
[/quote]
We are not yet certain that the issue is indeed the VPN. Even if it is, data indicating that the problem occurs both with and without a VPN is telling and useful. I’m not sure why you’re trying to chase off this guy when he has a valid point that seems to be germane to the issue here.
I’m not tryingvto chase him off. I’m trying not to dilute your issue with an unrelated issue. It helps both of you to keep the conversation on topic.
As long as you periodically see the PIA IP as your Plex IP you have a VPN issue.
If you want Plex running through PIA then you have to set it up accordingly.
Do you want to use VPN?
The topic here is “Remote access keeps getting disabled”. Whether or not the VPN is involved is irrelevant to the issue at hand, unless you do not believe the person who posted that he had the same problem without a VPN. IOW the issue is not diluted IMHO - the issue is the same, the symptoms vary.
I want to use a VPN for various processes that I’m running on the Synology. I don’t necessarily want to run a VPN for the PMS when it streams out a video to friends. Or, if a VPN must be used, then I want the PMS to consistently use UPnP on any IP it’s using, to do the port forward successfully and continue to service my users. Is that asking for too much?
Looking in my logs I see only one occurrence of the VPN not able to reconnect (Message said “Failed to redial by VPN profile (PIA_US_WEST)” and that was back on 10/02/2020. There have been many instances where both I and my users have had problems with PMS since that date.
Additionally, I can see it plainly saying that remote access is not available when indeed it is as verified by me connecting to my Plex Server from my cellular network. That’s just plain wrong or a bug. What it’s saying is effectively a lie. It should be consistent and accurate otherwise that indicator is pretty much useless, don’t you agree?
I think you should get PMS running outside the VPN just to eliminate that as an issue. Running PMS behind a VPN is a task in itself.
Can you whitelist apps with PIA yet? I can with SurfShark.
That would resolve that part anyway.
I could never rely on UPNP for port forwarding. I’ve had to set it up manually.
Sometimes I wonder if people even read my posts. As I said before I don’t know how to whitelist apps in PIA under Synology. I will email their support.
I would set up port forwarding manually too, but I’m not able to because my ISP and removed that functionality. I also said this before, several times now.
Sorry, I’ve done and read other stuff over the past couple of days.
I’ll be sure to re-read the thread top to bottom before responding in the future.
If you can’t try without running PMS through your VPN and can’t port forward I don’t know what you are going to do.
Someone will think of something.
Right.
The mystery of your ISP and port forwarding is something others can’t solve. A test without the VPN active and some logs could help answer.
If your ISP allows port forwarding, I would disable the VPN and get everything working and stable first. Do tests, share logs. I would do that first because it’s much simpler than trying to operate Plex with a VPN.
If you want to use a VPN, you need to make a choice. Either exclude Plex traffic from the VPN (split tunneling), or use a VPN that supports port forwarding.
If you want to use VPN with Split Tunneling -
How have you configured the VPN? OpenVPN profile import on the Synology? I’m not familiar with how to perform split tunneling on Synology. On some platforms this can be done reliably. I hope PIA answers!
If you want to use VPN with Port Forwarding -
PIA supports port forwarding in their client on supported platforms.
They’ve published scripts for manual port forwarding. Others have extended it for Synology. It looks workable but potentially fragile.
GitHub - pia-foss/manual-connections: Scripts for manual connections to Private Internet Access
Another choice is to run Plex on another system without VPN.
If you decide to request port forwarding from your ISP maybe try 3389 (Remote Desktop) or 5631 (PC Anywhere). A lot of us are working from home and have to occasionally check something on a home PC through our phones, right? 
I also wish the people replying here would answer the questions that I’ve asked. For example, I said a few times now that I test remote access by turning off my wifi on my cell phone thus using my cellular network to see if remote access is working. So question 1) is this a valid test for remote access? And question 2) Assuming the answer to #1 is “yes that is a valid test to show that remote access is working” and I am able to stream things to my phone, then how can the Remote access setting say “Not available outside your network” when it’s obviously available outside my network?!?
Also, I said that what I’ve heard is that my ISP (Cox) does allow port forwarding but you can’t do it yourself on the router. It instead directs you to wifi.cox.com. I’ve googled how to use that page to do the port forwarding myself and found many people explaining how to do it. Alas, they are saying click here or select that and “here” and “that” no longer exist on the page. I did see another person saying that Cox had removed the functionality and now you need to call them up. Rather than calling them up and risking them saying “Well you’re not allowed to run a Plex Server here on Cox” I was trying to figure it out myself. Besides, it’s obviously forwards that port sometimes, even most times, but seems fragile and breaks on occasion. I still think I may go to them and tell them I have a security cam that needs a certain port forwarded then configure PMS to use that port.
It doesn’t seem to make sense to disable the VPN and get everything working, collect logs, etc. when remote access seems to be working right now. IOW I need to wait for it to break and recognize that it’s broken to do things like toggling off the VPN and seeing if that fixes things, etc. Hence my question about whether using the cellular network is a reliable means for determining if remote access is working because it seems clear to me that the Remote Access config screen cannot be relied on to tell one the truth.
Another problem for testing when remote access is broken is that my usage of my PMS is local and thus I’m not using remote access to see that it’s broken. And my users do not call me up breathing down my neck when the service is broken. So it’s hit and miss.
I am using PIA VPN by importing an opvn file (that needs to be modified as PIA incorrectly specifies compress instead of comp-lzo and Synology supports comp-lzo). As I understand it then I am using my PIA username and password and through the opvn file, their servers but I am not running PIA code on the Synology. As such I have just finished composing two bug reports, one to Synology and one to PIA, asking how I can perform split tunneling on the Synology using PIA.
Thanks for the pointer to PIA’s port forwarding stuff. Looks interesting but I think I’ll wait to hear answers from PIA and Synology first before trying that.
While I used to run PMS on my desktop I would prefer to run it on the NAS. Why? Well because my desktop is connected wirelessly whereas my Synology sits just under my router and is wired. Wired is the most convenient, reliable, and fastest way to run PMS as I understand it and it’s ideal for me as I sometimes move from apt to apt and wiring vs wireless options change. Running cables around door frames and the like really gets old, especially when you’re only in the apt for 6 months and then you’re moving again (thinking back to the guy who said to me “why don’t you just put your noisy Synology in your garage?” - because I don’t’ have a garage nor is my wired router in my garage!)
Thanks, my thought was a security cam as that would need to be port forwarded and on 24/7. I just don’t know which security cams are popular and which require usage of a certain port.
Yes, that’s a good way to test.
I dunno. Stuff’s not perfect.
Probably because from the perspective of the Plex Server, and from the helper myPlex servers used to validate connectivity, something doesn’t look perfect. In that first screenshot you shared, the :0 port was funky. Share more, and logs, if you want.
There have occasionally been bugs in that happy green indicator light. As far as I know it’s working pretty well right now.
There’s a big difference between “sometimes it works” and “is supported”. If your ISP is taking away port forwarding features - and you’ve described them being shady about it - that could explain intermittent behavior.
Up to you, obviously. I encourage it because you’ve got a bunch of moving parts and it’s nice to have a baseline to work from.
Many people run Plex reliably on Synology. Adding VPN and split tunneling or port forwarding is less well-charted territory.
Cool. That’s probably a good scenario, because it’s in the GUI and it’s common technology underneath. I’m finding it difficult to search for solutions because of all of the other VPN server stuff Synology supports.
I’m curious what you hear back from Syno and PIA.
I didn’t suggest that your desktop was a better solution.
I’m saying that it may be unrealistic to expect a NAS+VPN+Plex to work reliably if the NAS+VPN don’t support split tunneling and/or port forwarding.
You must admit it’s a rather large bug.
I really don’t think I’m asking too much to say "if something doesn’t look perfect then, by all means, tell us what doesn’t look right! I really abhor the “Something went wrong” style of error reporting that programmers do nowadays…
Who said anything about it not being supported. I was merely commenting on the deterministic nature of software in that if it worked before and nothing has been changed (I know that part is a bold statement) then it should continue to work and not be intermittent.
Not in my book as I do not think that the ISP is taking away and giving back the port forward. IOW there is no reason for them to give back what they’ve taken away. So if it worked before that is evidence that the functionality is present and not blocked. Also, if they blocked it then it shouldn’t return.
What I was trying to say is that it doesn’t make sense disabling the VPN and all that stuff if currently, remote access is working. And when it’s working there’s no reason to experiment with why it’s not working.
Currently am I not adding a VPN or rather that VPN was always running and again, my users were able to stream from my Plex server. And I’m doing no split tunneling yet as I don’t even know how to do it. I would say that split tunneling would be useful if for no other reason as outside of the VPN the network is faster. And the only port forwarding I’m doing if at all is courtesy of UPnP and again if it is able to port forward once, shouldn’t it be able to port forward all the time? And if it isn’t shouldn’t the Remote access page say something like “Unable to port forward using UPnP”?
I believe, but have not verified, that the Synology is using OpenVPN to perform the VPN stuff and then just using my PIA VPN config for the username/password and the VPN server to connect to. As I said on my desktop there is a GUI written by PIA that controls stuff. I’m actually using WireGuard on my Linux boxes because WireGuard is in the kernel now. So I think I just need to configure the underlying OpenVPN backend on Synology to split tunnel things. I saw some articles from Synology but it wasn’t clear to me how to configure it so I opened a ticket with them. I also opened a ticket with PIA in case they knew the answer.
I will report back when I hear.
I don’t think it’s unrealistic as Synology and Plex are often used as you say. Plus anybody valuing anonymity will probably be running a VPN. IOW I think the Synology can handle it - just needs to be configured properly.
same thing I had, everything working fine, log on, oh we just did an update. Here we go again. Every time there is an update I spend a week trying to figure out why it’s not working anymore or keeps dropping off. Then another update gets pushed in the middle of the night. I also tend to get a batch of buy our premium service so you can just use airplay .
Have you looked at your public or private selection for you network adaptors. Might need to change that setting, I did 
I’m sorry but that didn’t parse for me. Can you explain exactly what my network adaptors have to do with this and how exactly I can check those settings?
Windows button, settings, network and internet, ethernet, select your network adapter, make sure it’s on private.
If it’s set to public you will have issues seeing that device.
