It sounds like more and more people are getting stuck with PLEX not being remotely accessible due to Carrier Grade NAT, with more and more ISP’s turning to it. Depending on the system you use there might be a workaround here or there, but some setups seem pretty impossible to get working. On top of that I’m sure there are many who, while they may have systems where a workaround is possible, they simply don’t have the know-how to make it work.
I feel like the guys and gals at PLEX are a pretty resourceful bunch and I’m sure devoting a little time to this problem would yield successful results, and like I say it’s something that’s only going to be greater in demand as time goes on.
I myself run PLEX off a QNAP NAS, and the only way I might be able to get accessible externally is by somehow installing and using ngrok, but doing so in the QNAP OS environment is no easy feat (at least not for me thus far).
If there’s something out there already which sounds like it will work when set up correctly, surely this means that something should be possible to be built in to PLEX?
Yes we’re slowly (or in some places, rapidly) moving towards a world where consumer connections are behind CG-NAT for IPv4.
Roughly there are three main cases here:
-
single stack IPv4 behind CG-NAT: this is mainly mobile networks, but increasingly households are using 4G routers to replace fixed lines. Plex could do two things to work through CG-NAT here: tunnelling, which they do with Plex Relay (max 2 Mbit though) or UDP hole punching, which is difficult as Plex currently is TCP-based.
-
dual stack IPv4+v6, with IPv4 behind CG-NAT (this is called DS-Lite). This is where DSL/Cable/Fibre is going, and millions of people are already in this situation. Plex Relay still works in this case, but the future here for Plex is fully supporting IPv6 without the current manual workarounds (getting your own domain name, setting up an AAAA record, set custom server addresses in PMS). There’s a feature request here, so please vote: https://forums.plex.tv/t/ipv6-support-for-myplex/
-
single stack IPv6 with CG-NAT64/DNS64. This is how most mobile operators are rolling out IPv6 now, so this is what households behind a 4G/5G connection will work with. Since NAT64 is carrier grade, this means no portmapping and incoming IPv4 connections. So again, proper IPv6 support is the way forward.
2 Likes
Can you not just put your modem in bridge mode and use your own router to bypass this? I did at least. Or am I off topic from what you are referring to.
1 Like
Indeed, bridge mode doesn’t help if your ISP does NAT further upstream.
A very well-written out explanation to the whole scenario, thank you.
My situation is that hardline broadband is pants in my area so I’m using a 4G SIM in a SIM-enabled router. It works great in terms of far faster DL and UL speeds than I’d get with a hardline, but didn’t even know about CG-NAT until I started to try figuring out why my remote access was no longer working LOL. And after just checking, I’m not given an IPv6 address, so I can’t look into the second option (though will vote because - like you say - it’s the way things are/have to go).
So now I’m trying to get my head around ngrok, which would be easy if not for the fact my PLEX server is a QNAP NAS which doesn’t make terminal/SSH-based utilities easy to use.
Plex Relay would likely be fine for my needs, but I just don’t seem to be able to get that to work either - as far as I can tell I just need the secure connection setting set to “Required” or “Preferred”, (mine’s on the latter), but no dice.
Here’s hoping for a breakthrough 
1 Like
I’m in the same situation as you, 4G internet is 10x faster than my DSL but being behind CG-NAT sucks. For what it’s worth, Plex Relay does work reliably for me (I’ve got Plex Pass though) with secure connections set to “Preferred”.
Bear in mind that even when Plex Relay is active & works, your PMS will in the web view still report a red circle behind Remote Access and claim to be “Not available outside your network” even though it is. All my clients outside the network (Phone, PC at work, etc) can access the library and stream just fine.
Setting up a tunnel like ngrok or VPN (OpenVPN, IKEv2, etc) into a server that is not behind CG-NAT is indeed also an option, not very easy to set up unfortunately.
2 Likes
