@RichardU what Secure connections setting have you set?
I would like to use Required, but it fails to connect externally. This would suggest that, its not a secure connection? Is there something that can done on the NGinx side?
That said, I have set Secure connections to Required, on NGinx set the Scheme to HTTPS and under SSL Tab, Force SSL and it works!
Epic!
Can anyone else confirm this is working for them?
Just a final note,
To get Plex TV app to work externally I had to not “force SSL” and left the Scheme as “https” enable. I found that leaving PMC set to Preferred. What this means I gain the unsecure performance internal and still get the secure external connections.
Thanks @RichardU and @Silversurfer79 for this great thread.
Just to get things straight:
First I forward TCP ports 80 and 443 on my router to 80/443 on my NPM (192.168.0.140 for example).
Then on that NPM I point it to local plex server (192.168.0.90) port 32400.
The DDNS address “myplex.dynu.com” is getting my external IP via client update utility.
→ So when I access myplex.dynu.com it redirects to my external IP (router) which then
redirects to NPM via port forwarding which then redirects to Plex Media Server, right?
Just asking because I cannot seem to make it work (just simple HTTP redirection, no SSL for starters).
Really need a hint. Best wishes!
Hope this helps @Plexihexi1231,
I don’t suggest publishing your DDNS on forums (security issue as it’s easy to find your IP from there), the URL times out, so it could be your firewall not forwarding to your NPM. Normally if you get the forwarding working the NPM will have a default splash page that you will hit, then you can setup the forwarding host.
1 Like
Thanks for your help. the ddns address was just an example. when I get this:
So I guess DDNS redirection works. But I have NPM setup to point to PMS and PMS has the DDNS address, too.
I cannot find the mistake 
That looks like the default page you hit if you have not setup a Proxy Host on your NPM or using the wrong port.
See @RichardU comment here, Remote access solved with NGINX Proxy Manager - #11 by RichardU
Check my image again and make you carefully read each URL and port requirement.
A final thought, make sure you specify the domain you’re using in your local DNS or if you don’t have use the host file in windows to point the domain to your NPM. This will allow you to test internal the traffic and connections work before making available externally.
Feel free to DM your Proxy Host Page and Ill double check your config.
1 Like
That’s all correct. I suspect your problem is not using SSL. Go ahead and set up letsencrypt in NPM and see if that helps.
Frankly, SSL is the most convoluted part of everything. IIRC, NPM communicates to the internet via SSL (https) , but then forwards to Plex via HTTP (in my case, although you can see above that others differ.)
1 Like
Just allow unsecure connections in plex and it should work as a test
1 Like
I get this when trying SSL:
also I thought to try without SSL first to have one layer of errors less.
PMS is setup to prefer secured connections, and clients are setup to ALWAYS allow insecure connections.
Normally this happens when port 80 is not open to NPM, as inbound through the firewall. Port 80 is needed for Let’s Encrypt to request and renew certs. LE also must be able to resolve you domain name on port 80 for the cert to successfully be requested.
This may have been unclear (Edited) the image; you should have a domain name point to your DDNS name using a CNAME. LE needs to be able to find a publicly searchable Domain name to do a lookup on and DDNS point back to your home IP. Remember your DDNS name is only known to you and LE won’t be able to do a lookup on it.
I suggest looking at my image again,
1 Like
I think “domain name point to your DDNS name using a CNAME” is the culprit. I have a DDNS (duckDNS or Dynu) pointing to my IP. but what exactly is CNAME?
I used this file to create NGINX Proxy Manager:
" ```
docker run -d
–name=nginx-proxy-manager
-p 8181:8181
-p 8080:8080
-p 4443:4443
-v /docker/appdata/nginx-proxy-manager:/config:rw
jlesage/nginx-proxy-manager
Maybe 4443 and 8080 are the wrong defaults?!?! Shouldn't it be 443 and 80?
update: managed to get SSL “working”. It shows LetsEncrypt in NPM, but in Tautulli the connection is “insecure”? Maybe because the connection is secured to the NPM server, but then gets HTTP (insecure) to the plex server? is there a way to tell if it is a HTTPS stream to the NPM?
I have a very similar setup to the OP. This works and is the most secure way to opening up your Plex server to the outside world (using subdomains).
Sir would you be able to send me all the screenshots for setting this up? I’m looking to go this route to make things for secure and have less open ports but wanted to make access wasn’t broken to all external devices that access my plex (iOS App, Android App, Rokus, PlayStation’s and TVs). All the help is much appreciated.
Can we get a video? I’m so confused but so interested 
There are 4 major steps:
- Get a domain and point it to your home IP
- Install and set up NGINX Proxy Manager (NPM)
- Change your router firewall settings
- Change your Plex settings
If you hunt around there should be videos for every step. The Home Assistant forum documents NPM pretty well.
If you have difficulties, please ask specific questions (screenshots) where you are stuck.
Cheers, Richard
