I get the same message Sham gets.
For everyone trying to get port forwarding working with PIA, the easiest solution is to switch over to split tunnel/policy based routing.
Once you get the plex.tv ip addresses (they use amazon clusters…) it is so much easier.
For whatever reason, plex gets your ip based on the http post calls as opposed to your wan address. Once you get the ip addresses to route outside the vpn, life is much easier… Port forwarding with PIA is a PITA…
Sent from my SPH-L710 using Tapatalk
I had to cancel my PIA service because their port forwarding service didn't work for Plex and my VNC server. I've been using VersaVPN for a little while now and they allow you to forward up to 4 ports as part of their paid service. Works perfectly with Plex so far. If you check it out and wish to sign up, use my affiliate link below. It would help me out :)
Hey guys,
Just went through the trouble of getting PIA and canceling it because their port forwarding did not work. Tried kidamnesiac's suggestion and boom! online in 5 mins! Worth giving VersaVPN a try. They don't have as many servers as some of the other providers but it still works well. :)
Sorry kidamesiac. Don't think the referral link is working anymore. It redirects to the regular homepage. Appreciate your recommendation though!
depaulsunny,
Did you use the shared or dedicated IP at VersaVPN?
Thank you
I used the shared IP. They let you open up to four ports in their control panel.
Thanks
Hey guys,
Just went through the trouble of getting PIA and canceling it because their port forwarding did not work. Tried kidamnesiac's suggestion and boom! online in 5 mins! Worth giving VersaVPN a try. They don't have as many servers as some of the other providers but it still works well. :)
Sorry kidamesiac. Don't think the referral link is working anymore. It redirects to the regular homepage. Appreciate your recommendation though!
Dude...thanks for that! I've had PIA for a few months now and have been fooling around with IPTABLES on my Ubuntu server, this, that, and the other to no avail.
I'm done with PIA and will get VersaVPN.
Since I had already paid for a year of PIA I just put a virtual machine on my server. The stuff I want going through the vpn is on the virtual server with PIA running. The other stuff like plex is still on the server. I just might switch to VersaVPN when my year is up if PIA is not offering Plex support.
I wrote a windows batch file to route my.plexapp.com's current IP address (with mask 255.255.0.0) to your machine's default gateway (e.g. 192.168.2.1). I promise the bat file is safe, just google me and my reputation will speak for itself.
The code is below but I also uploaded a zip containing the bat file and an exe version of the bat file (same as the bat file except runs invisibly). For best results, use windows task scheduler to launch the exe (with highest privileges) as often as you'd like.
This will ensure that even if the IP for my.plexapp.com changes, your setup will automatically route it past your VPN. A list of routed IPs will be saved here:
"%userprofile%\AppData\Local\Plex Media Server\PermittedPlexIPs.txt
I'm using PIA and this works perfectly.
Enjoy!
XFlak
@echo off setlocal set PATH=%SystemRoot%\system32;%SystemRoot%\system32\wbem;%SystemRoot% chcp 437>nulecho my.plexapp.com VPN Route Exception Builder
echo by XFlak
echo.::get Default Gateway
ipconfig|findstr /I /C:“Default Gateway”|findstr /I /C:“1” >“%temp%\gateway.txt”
set /p gateway= <“%temp%\gateway.txt”
set gateway=%gateway:*: =%
::echo %gateway%::set gateway=192.168.2.1
echo Getting my.plexapp.com’s current IP address
echo.ping “my.plexapp.com”|findstr /I /C:“my.plexapp.com” >“%temp%\my.plexapp.com.txt”
set /p PlexIP= <“%temp%\my.plexapp.com.txt”
set PlexIP=%PlexIP:*[=%
set PlexIP=%PlexIP:~0,-24%
echo %PlexIP%
echo.set zero=%PlexIP:.=%
set zero=%zero:.=%
echo set PlexIP=%%PlexIP:%zero%=0.0%%>“%temp%\plex.bat”
call “%temp%\plex.bat”::echo %PlexIP%
if not exist “%userprofile%\AppData\Local\Plex Media Server\PermittedPlexIPs.txt” goto:skipcheck
findstr /I /C:“%PlexIP%” “%userprofile%\AppData\Local\Plex Media Server\PermittedPlexIPs.txt”>nul
IF NOT ERRORLEVEL 1 (echo IP already routed, exiting…) & (goto:fin)
:skipcheckecho route -p add %PlexIP% mask 255.255.0.0 %gateway%
route -p add %PlexIP% mask 255.255.0.0 %gateway%
echo.echo Adding IP to %userprofile%\AppData\Local\Plex Media Server\PermittedPlexIPs.txt
echo.
echo %PlexIP% >>“%userprofile%\AppData\Local\Plex Media Server\PermittedPlexIPs.txt”:fin
::echo fin
::pauseexit
edit: code was missing a ">", old version still worked but log only retained latest IP, the 4 people who downloaded the last version may want to redownload the new one
You sir, are a genius! Seems to be working fine, thank you!
Allright, so I'm using PIA client (not router based) on my PMS as well and here is what I have going on...
Using XFlak's script
Verrfied the routes are in the windows 7 routing table on the PMS
Forwarded port 32400 on my router to my PMS's IP
Added a route for canyouseeme.org to check portforwarding without going through VPN
Port 32400 is saying it is open on canyouseeme, but I cannot get the server to publish/connect.
What am I doing wrong?
Thanks for any and all help anyone can offer.
Dan
Well I got it published...not sure why it didn't work earlier. I did however uncheck the box for the "VPN kill switch" setting on the VPN client. I don't really think that was affecting my problem. I unchecked the box, rebooted the computer (for windows updates) and tried again it magically worked...FM, gotta love it.
I found a solution that doesn't require updating when Plex's IP address changes. It will just keep working forever with no changes.
Requires that your VPN does supports port forwarding.
My system is Mac but should work fine on Linux as well. And could be adapted to Windows as well.
https://forums.plex.tv/topic/117451-myplex-with-a-vpn-that-supports-port-forwarding/?p=703644
I'm running PIA and having the same issue connecting to my Plex server remotely.
I'm a novice when it comes to networking. Could someone give me a little more detailed information on how to implement XFlak's script in Windows 7?
I would greatly appreciate it!
I'm running PIA and having the same issue connecting to my Plex server remotely.
I'm a novice when it comes to networking. Could someone give me a little more detailed information on how to implement XFlak's script in Windows 7?
I would greatly appreciate it!
well what i did, was just doubleclick . DONE - WORKS !!!!
Double-clicked on what???
I have tried to implement the script with PIA, unsuccessfully thus far.
If there is simply a file that I need to double click on, I would really appreciate knowing more.
Thanks.
My two cents:
If you have another machine on the local network that is always on, you can setup ssh tunneling for all traffic that you want accessible to the machine behind the VPN. I just set it up last night to forward several ports for several services to my computer and all I did was redirect the traffic from my router to the computer that was setting up the tunnel and then running the following command:
ssh -N -p 22 -g -c 3des-cbc @ -L /localhost/ -R //
The first couple of arguments specify the connection type, port, and encryption. I personally use an application called SSH Tunnel Manager for Mac to manage this but any *nix system could run this command to get the same result.
Include as many -L arguments as you have ports you want to forward from the machine hosting the tunnel to the machine behind the VPN. I found I had to include both a -L and -R argument for port 32400 to make sure plex.tv could see the server.
My two cents:
If you have another machine on the local network that is always on, you can setup ssh tunneling for all traffic that you want accessible to the machine behind the VPN. I just set it up last night to forward several ports for several services to my computer and all I did was redirect the traffic from my router to the computer that was setting up the tunnel and then running the following command:
ssh -N -p 22 -g -c 3des-cbc @ -L /localhost/ -R //The first couple of arguments specify the connection type, port, and encryption. I personally use an application called SSH Tunnel Manager for Mac to manage this but any *nix system could run this command to get the same result.
Include as many -L arguments as you have ports you want to forward from the machine hosting the tunnel to the machine behind the VPN. I found I had to include both a -L and -R argument for port 32400 to make sure plex.tv could see the server.
that's exactly what I'm trying to do..well kind of. I want to use my mac mini as a "downloader" behind the vpn and my main computer as the server. But, I think it's not gonna work. so you solution sounds good. do you have a place that i can read more about it? becaus eit's kinda chinese to me :)
So I tried what I previously posted in several different variations. The same setup works great for other services (SSH, VNC, FTP, etc.) but I haven't cracked it for Plex yet. Currently I am using Tunnelblick and set up a static DNS redirect for the Plex server IP addresses. That seems to be working perfectly so far.
I found a solution that doesn't require updating when Plex's IP address changes. It will just keep working forever with no changes.
Requires that your VPN does supports port forwarding.
My system is Mac but should work fine on Linux as well. And could be adapted to Windows as well.
https://forums.plex.tv/topic/117451-myplex-with-a-vpn-that-supports-port-forwarding/?p=703644
I can verify this method works and is very easy. See my post below for his directions...
This is from sbwoodside, so all credit goes to him. But I feel like he's easily solved this problem and not many people have noticed. This is so easy to do. I hope sbwoodside doesn't mind me posting his solution here. I've also edited his post (below) to fix 2 syntax errors he had and also clean it up a bit to make it easier to follow. I've done this and it currently works for me. It only takes a couple of minutes to do. This is for the Mac, but I'm sure someone familiar with Windows could repost it with the necessary changes for that platform with ease. Anywhoo, here are sbwoodside's directions...
1. Forward the port on the VPN.
- Go to your VPN's web site to add a port forward.
- If using AirVPN, go to airvpn.org/ports/ and click the Add button. Don't fill in any of the fields. Let it assign a random port, and let it forward to the same local port.
- Copy the generated port number for later; where you see VPN_PORT, replace VPN_PORT with your random port.
2. Set up port redirection in pf
- Mavericks uses "pf" which is "The OpenBSD Packet Filter" for this type of thing (older Mac OS might have used ipfw or iptables)
- Use the Terminal to access the command line.
- Using your favourite editor create the file: /etc/pf.anchors/simons.plex.vpn.forward. In this case, we'll use emacs... E.g.:
sudo emacs /etc/pf.anchors/simons.plex.vpn.forward
- Put this into the file (replace VPN_PORT with the random port you got from your VPN service):
# To allow access to Plex Media Server from outside the VPN AirVPN # local ethernet for testing (en0) rdr pass on en0 inet proto tcp from any to any port VPN_PORT -> 127.0.0.1 port 32400 # OpenVPN presumably is tun0 rdr pass on tun0 inet proto tcp from any to any port VPN_PORT -> 127.0.0.1 port 32400
- Now save. For those who are just starting to learn emacs, the key command sequence to save a file is:
Ctrl x s That means hold down the Control key, tap the x key once, and the s key once, let go of Control key.
- Now exit:
Ctrl x c
- Verify that you've got the syntax correct by entering this into Terminal:
sudo pfctl -vnf /etc/pf.anchors/simons.plex.vpn.forward
- Create a pf config file:
sudo emacs /etc/pf.plex.conf
- Put this info the config file:
rdr-anchor "simons-plex" load anchor "simons-plex" from "/etc/pf.anchors/simons.plex.vpn.forward"
- Save and exit:
Ctrl x s Ctrl x c
- pf doesn't run by default on Mavericks so start it up:
sudo pfctl -ef /etc/pf.plex.conf
- Now you can test if this is working by doing the following from another computer on your local network:
telnet IP.ADDR.OF.PLEXMAC VPN_PORT
- You should see (after a few seconds mabe):
Trying 192.168.2.42... Connected to 192.168.2.42. Escape character is '^]'.
- Now test if it's working through your VPN. Go to your VPN port forwarding website and get the Public IP. E.g. on OpenVPN this is called "Mapped to public IP". Now try this:
telnet PUBLIC.IP.FROM.VPN VPN_PORT
- And you should connect. That means it's working! *
3. Set up Plex Server
- Go to Plex Media Server web interface > Settings > Server > Connect
- Make sure you are signed in with your plexpass.
- Check the box "Manually specify port" and enter VPN_PORT. Click Update.
- After a few seconds you should see: "Server is mapped to port VPN_PORT"
4. Set up your Mobile phone or whatever
- First turn off WiFi. (Otherwise your phone might connect on the local network and that's not what we want.)
- Log in
- It should automatically connect now. If not, try Refresh, Sync, an/or waiting a minute.
- Once you can see it works you can turn WiFi back on.
4. Make pf run automatically when you reboot your Mac
- See: OS X Server: How to enable the adaptive firewall (except we will change the conf file from pf.conf to pf.plex.conf)
- For Mavericks, run these commands on the server as an admin user to enable the adaptive firewall.
sudo pfctl -f /etc/pf.plex.conf sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/serverctl enable service=com.apple.afctl sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -c sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -f
- Edit /System/Library/LaunchDaemons/com.apple.pfctl.plist so that pfctl(8) is invoked with the -e flag. This will automatically enable the packet filter the next time the server boots. This can be accomplished with these commands:
sudo defaults write /System/Library/LaunchDaemons/com.apple.pfctl ProgramArguments '(pfctl, -f, /etc/pf.plex.conf, -e)' sudo chmod 644 /System/Library/LaunchDaemons/com.apple.pfctl.plist sudo plutil -convert xml1 /System/Library/LaunchDaemons/com.apple.pfctl.plist
Side note: Every time I reboot, I have found I need to go back into Plex Server's preferences, under Server->Connect, hit "Retry" on the Port Mapping. This just one time, on initial boot. You may or may not have to do this as well.
