Jump to content

Plex not communicating through pfSense

CrypticNetworks
By CrypticNetworks
in Networking
 Share
Go to solution Solved by CrypticNetworks,
On 12/18/2021 at 11:05 AM, Alex Atkin UK said:

Can you be more specific?  Its good to have details in case someone in the future runs into the same issue.

The local lan subnet was set with the wrong CIDR. It’s has since been rectified. 

Posted

HI!

So I am having some rules issues with my pfSense and allowing Plex from my primary LAN to my IoT LAN while blocking all traffic to all private networks.

Logs and Rules Below

 

 

I have tried rules in different positions, I have Plex set to notice different VLAN subnets as local, but I keep getting a connection refused :confused: What gives? Thanks in advance!

4baf6c4a9af0a0c4ccf476dffc5338f0e07b80dd_2_690x233.png

b76e37af731efc16013e5ffa6e1e66467b3340de.png

Main PC: Ryzen 7 7800X3D | 32GB GSkill 6000 MT/s | B650E TUF Gaming WIFI | 2TB Samsung 990 Pro | 2TB Samsung 990 EVO | Gigabyte OC RTX 4080 Super | Corsair 5000D Airflow |                  1000w Seasonic GX | Windows 11 Pro

 

Laptop 1: Macbook Pro 14" M3 Pro | MacOS 15.x

 

Laptop 2: Razer Blade 15" Base 2021 | Windows 11/Pop! OS 22.04

 

Servers 1-3: Super Micro 813MFTQ-441CB | Xeon E5-2650 v4 | 128GB of ECC DDR4-2133 | 2x 250GB Micron 5200 MAX | OS: Proxmox 8.x |

 

Server 4: Dell DP4400 (R740xd) | 2x Xeon Silver 4114 | 64GB of ECC DDR4-2400 | 2x Crucial MX500 (Boot) | 2x Seagate Exos 18TB, 1x WD White Label 18TB, 5x 14TB Seagate Exos,                          2x Samsung 870 EVO 500GB (L2ARC), 2x Samsung 863a 960GB (S Log)

Link to comment
https://linustechtips.com/topic/1396620-plex-not-communicating-through-pfsense/
Share on other sites
Link to post
Share on other sites
Posted
13 hours ago, GateToTheFuture said:

HI!

So I am having some rules issues with my pfSense and allowing Plex from my primary LAN to my IoT LAN while blocking all traffic to all private networks.

Logs and Rules Below

 

 

I have tried rules in different positions, I have Plex set to notice different VLAN subnets as local, but I keep getting a connection refused :confused: What gives? Thanks in advance!

Its really not recommended to NAT across subnets, it will put the router under a LOT of strain as it needs to handle the bandwidth of Plex streaming + your Internet.

It also makes it more complicated as Plex broadcasts itself to the LAN and you can't afaik forward that.

However if you insist, what you might be missing here are NAT, Outbound rules to allow the LAN to NAT to the IoT client.  Its easy to forget them as from LAN to WAN the rules are created automatically (unless you chose otherwise), but if you're trying to NAT from LAN to LAN you'll need manual or hybrid rules.

ASUS B650E-F GAMING WIFI + R7 7800X3D + 2x Corsair Vengeance 32GB DDR5-6000 CL30-36-36-76  + ASUS RTX 4090 TUF Gaming OC

Router:  Intel N100 (pfSense) Backup: GL.iNet GL-X3000/ Spitz AX Switches: Netgear MS510TXUP, MS510TXPP, GS110EMX
WiFi6: Zyxel NWA210AX (1.7Gbit peak at 160Mhz) WiFi5: Ubiquiti NanoHD OpenWRT (~500Mbit at 80Mhz)
ISPs: Zen Full Fibre 900 (~930Mbit down, 115Mbit up) + Three 5G (~1200Mbit down, 115Mbit up, variable)
Upgrading Laptop/Desktop CNVIo WiFi 5 cards to PCIe WiFi6e/7

Link to post
Share on other sites
Posted
22 hours ago, GateToTheFuture said:

HI!

So I am having some rules issues with my pfSense and allowing Plex from my primary LAN to my IoT LAN while blocking all traffic to all private networks.

Logs and Rules Below

 

 

I have tried rules in different positions, I have Plex set to notice different VLAN subnets as local, but I keep getting a connection refused :confused: What gives? Thanks in advance!

4baf6c4a9af0a0c4ccf476dffc5338f0e07b80dd_2_690x233.png

b76e37af731efc16013e5ffa6e1e66467b3340de.png

I had to do something like it but for allowing external connections to my Emby server, you just have to create a rule like this, but instead of WAN, select IoT LAN net, and the port for plex is TCP 32400.

image.thumb.png.6ac4d518e7621134629e00840beaf4cc.png

Link to post
Share on other sites
Posted
  • Author
On 12/16/2021 at 11:57 PM, Alex Atkin UK said:

Its really not recommended to NAT across subnets, it will put the router under a LOT of strain as it needs to handle the bandwidth of Plex streaming + your Internet.

It also makes it more complicated as Plex broadcasts itself to the LAN and you can't afaik forward that.

However if you insist, what you might be missing here are NAT, Outbound rules to allow the LAN to NAT to the IoT client.  Its easy to forget them as from LAN to WAN the rules are created automatically (unless you chose otherwise), but if you're trying to NAT from LAN to LAN you'll need manual or hybrid rules.

It was a subnetting issue.  I'm not worried about the extra strain on this firewall.  I push gigabit with IPS and traffic filtering and the CPU doesn't even hit 5%.  In addition to this, I also have layer 3 switching happening ahead of this so really not my full concern.  Thanks for the tip though.

Main PC: Ryzen 7 7800X3D | 32GB GSkill 6000 MT/s | B650E TUF Gaming WIFI | 2TB Samsung 990 Pro | 2TB Samsung 990 EVO | Gigabyte OC RTX 4080 Super | Corsair 5000D Airflow |                  1000w Seasonic GX | Windows 11 Pro

 

Laptop 1: Macbook Pro 14" M3 Pro | MacOS 15.x

 

Laptop 2: Razer Blade 15" Base 2021 | Windows 11/Pop! OS 22.04

 

Servers 1-3: Super Micro 813MFTQ-441CB | Xeon E5-2650 v4 | 128GB of ECC DDR4-2133 | 2x 250GB Micron 5200 MAX | OS: Proxmox 8.x |

 

Server 4: Dell DP4400 (R740xd) | 2x Xeon Silver 4114 | 64GB of ECC DDR4-2400 | 2x Crucial MX500 (Boot) | 2x Seagate Exos 18TB, 1x WD White Label 18TB, 5x 14TB Seagate Exos,                          2x Samsung 870 EVO 500GB (L2ARC), 2x Samsung 863a 960GB (S Log)

Link to post
Share on other sites
Posted
12 hours ago, GateToTheFuture said:

It was a subnetting issue.  I'm not worried about the extra strain on this firewall.  I push gigabit with IPS and traffic filtering and the CPU doesn't even hit 5%.  In addition to this, I also have layer 3 switching happening ahead of this so really not my full concern.  Thanks for the tip though.

Can you be more specific?  Its good to have details in case someone in the future runs into the same issue.

ASUS B650E-F GAMING WIFI + R7 7800X3D + 2x Corsair Vengeance 32GB DDR5-6000 CL30-36-36-76  + ASUS RTX 4090 TUF Gaming OC

Router:  Intel N100 (pfSense) Backup: GL.iNet GL-X3000/ Spitz AX Switches: Netgear MS510TXUP, MS510TXPP, GS110EMX
WiFi6: Zyxel NWA210AX (1.7Gbit peak at 160Mhz) WiFi5: Ubiquiti NanoHD OpenWRT (~500Mbit at 80Mhz)
ISPs: Zen Full Fibre 900 (~930Mbit down, 115Mbit up) + Three 5G (~1200Mbit down, 115Mbit up, variable)
Upgrading Laptop/Desktop CNVIo WiFi 5 cards to PCIe WiFi6e/7

Link to post
Share on other sites
  • 2 weeks later...
Posted
  • Author
  • Solution
On 12/18/2021 at 11:05 AM, Alex Atkin UK said:

Can you be more specific?  Its good to have details in case someone in the future runs into the same issue.

The local lan subnet was set with the wrong CIDR. It’s has since been rectified. 

Main PC: Ryzen 7 7800X3D | 32GB GSkill 6000 MT/s | B650E TUF Gaming WIFI | 2TB Samsung 990 Pro | 2TB Samsung 990 EVO | Gigabyte OC RTX 4080 Super | Corsair 5000D Airflow |                  1000w Seasonic GX | Windows 11 Pro

 

Laptop 1: Macbook Pro 14" M3 Pro | MacOS 15.x

 

Laptop 2: Razer Blade 15" Base 2021 | Windows 11/Pop! OS 22.04

 

Servers 1-3: Super Micro 813MFTQ-441CB | Xeon E5-2650 v4 | 128GB of ECC DDR4-2133 | 2x 250GB Micron 5200 MAX | OS: Proxmox 8.x |

 

Server 4: Dell DP4400 (R740xd) | 2x Xeon Silver 4114 | 64GB of ECC DDR4-2400 | 2x Crucial MX500 (Boot) | 2x Seagate Exos 18TB, 1x WD White Label 18TB, 5x 14TB Seagate Exos,                          2x Samsung 870 EVO 500GB (L2ARC), 2x Samsung 863a 960GB (S Log)

Link to post
Share on other sites
Posted
13 hours ago, GateToTheFuture said:

The local lan subnet was set with the wrong CIDR. It’s has since been rectified. 

Oh I've so done that, really easy mistake to make on pfSense as its sanity checking is a bit hit and miss.

Currently banging my head against a brick wall trying to setup a Wireguard server, probably turn out to be something like that.

Thanks for updating the thread.

ASUS B650E-F GAMING WIFI + R7 7800X3D + 2x Corsair Vengeance 32GB DDR5-6000 CL30-36-36-76  + ASUS RTX 4090 TUF Gaming OC

Router:  Intel N100 (pfSense) Backup: GL.iNet GL-X3000/ Spitz AX Switches: Netgear MS510TXUP, MS510TXPP, GS110EMX
WiFi6: Zyxel NWA210AX (1.7Gbit peak at 160Mhz) WiFi5: Ubiquiti NanoHD OpenWRT (~500Mbit at 80Mhz)
ISPs: Zen Full Fibre 900 (~930Mbit down, 115Mbit up) + Three 5G (~1200Mbit down, 115Mbit up, variable)
Upgrading Laptop/Desktop CNVIo WiFi 5 cards to PCIe WiFi6e/7

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Networking

×