Server not downloading metadata

Server Version#: 1.15.4.993

I just built a new Plex Server in a FreeNAS 11.2 jail and it is not matching any media or downloading any metadata. I have done a lot of searching and noticed “HTTP 401 response from GET http://127.0.0.1:32400/system/agents/search” showing up in the logs whenever it I try to manually match a movie.
I’m also seeing NAT: PMP::getPublicIP, couldn’t initialize: -3:Unable to get Gateway over and over in the logs.
Plex Media Server Logs_2019-05-09_11-33-21.zip (1.5 MB)

I’m no pro here, but I just had the same issue after I added some content on my Plex Server on my RPi. I was getting a 401 when it came back to a local API on loopback. I found an old thread that suggested adding your local IPs to bypass auth.

I added the private IPs of my plex server to the ‘List of IP addresses and networks that are allowed without auth’ under Settings - Server - Network - ‘Show Advanced’ and metadata updates started working.

I’m now searching for why that workaround is relevant. My system is Linux and this other thread was more relevant to you being on FreeBSD and dealing with jails. If the workaround works it might be that this jail doesn’t have a loopback to source from so the server looks to auth a local request. That isn’t my issue, but hopefully, it helps.

I found my problem, a set of software I installed to have my system act as an access point (RaspAP) configured iptables to NAT everything on the system, I had to enter an exception for connections destined to 127.0.0.0/8.

$ sudo iptables -t nat -L -n -v
Chain PREROUTING (policy ACCEPT 5919 packets, 1398K bytes)
pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 5919 packets, 1398K bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 2406 packets, 157K bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
2406 157K MASQUERADE all – * * 0.0.0.0/0 0.0.0.0/0

I added the following rule
$ sudo iptables -t nat -I POSTROUTING -d 127.0.0.0/8 -j ACCEPT

This is what is looks like when listed. I was able to remove the authentication exception and metadata updates now work.

$ sudo iptables -t nat -L -n -v
Chain PREROUTING (policy ACCEPT 31 packets, 4810 bytes)
pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 31 packets, 4810 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 23 packets, 1338 bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
17 999 ACCEPT all – * * 0.0.0.0/0 127.0.0.0/8
2422 158K MASQUERADE all – * * 0.0.0.0/0 0.0.0.0/0

Thank you. I tried adding the private IP to the IP addresses and networks that are allowed without auth’ and it seems to have worked.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.