Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 6309 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Has anyone had success configuring Sophos XG to allow Plex Remote Access

ChristopherHaugh

Hello all,

 

Has anyone had success configuring Sophos XG to allow Plex remote access?

 

Here's some details.

Running Sophos XG version SFOS 17.5.5 MR-5

I've configured an interface just for Plex along with it's own DHCP server.

Plex server is running on on a Microsoft Server 2019 Hyper-V VM

I've created a virtual switch to an external network and my plex vm is the only one using the switch. 

SR-IOV is enabled.

The Plex VM has access to the internet.

Here's the plex network rule that I have setup.

I also created a business application rul to forward port 32400.

 

When I attempt to enable Plex remote access,  it first says "Fully accessible outside your network"...  then about 4 to 5 seconds later it says "Not available outside your network".

4-5 seconds later it changes to "Not available outside your network".

I've checked the application logs and dd

Any assistance would be greatly appreciated.

 

 



This thread was automatically locked due to age.
Parents
  • 0 in reply to ChristopherHaugh

    I have plex running behind XG ok, Sorry hyper V your using I see?  Also your PLEX Zone is that Local LAN type zone?

    Those denied events in your logs are because you have Network Discovery enabled in your network tab disable it?  Also in plex network settings have you specified your Plex servers URL's??  I generally add both https://localip:32400 and https://externalip:32400. Then when you are setting you your Remote Access tab make sure your initially pointing your Browser to https://externalip:32400 to enable it that way when it sets up the Plex direct DDNS its using the correct IP (Your External IP).

    One last question on your Firewall rule list do you have the Plex business rule above your Plex user rule?

    Can you send a pic of your network interfaces?

    Ive just realised you have PLEX_SERVER under destination Server and under Forward to server? are they the same IP?  You should have your Ext IP as destination address and the Local ip for plex as the forward to IP.  Is that what you have?

  • 0 in reply to john_kenny

    Thank you for responding.

    Here's my Plex zone setup.

    6724.Plex Zone Setup.jpg

    I could use some clarification on the rest of your suggestions.

    - Network Discovery enabled.  Are you referring to windows Advance Sharing Settings?

    - When you mention plex network settings, is that in plex setup or on Sophos XG firewall?

    - My plex network rule is below my Plex port forward business application rule.

    - Plex_Server is an IP host that I setup.  It's IPv4 pointing to the plex server IP address.  Also, the plex server is has a static IP MAC mapping in the DHCP server settings.

    - Oh crap... I did have it configured incorrectly...  I changed the Destination host/network to #Port4.  It was set to the Plex_Server host.  That seems to have fixed it and my plex server is fully accessable from outside my network.

    THANK YOU SO MUCH!!!  I appreciate the time you spent reviewing my issue.

    Here's the correct configuration.

    4087.Plex Firewall Rule Configured Correctly.jpg

  • 0 in reply to ChristopherHaugh

    glad i could help, yeah business rules always have a destination of your WAN IP then forward too your Local LAN IP.  With regards to discovery this is all on the Plex web ui under settings - network.  

    https://support.plex.tv/articles/200430283-network/

    I generally turn off Network discovery as its a broadcast protocol, but it shouldnt be getting past your firewall though.

    Also make sure to set HTTPS / SSL as a requirement to secure your server.

    One last thing on your Business rule enable WAN to LAN IPS if i was you, and then for your Plex user rule use LAN to WAN IPS at least.  I also have a simple web policy with just Spyware & Malware web categories in it and also you shouldnt need App filtering on.  I have mine set to NONE.

    But other than that have fun....

Reply
  • 0 in reply to ChristopherHaugh

    glad i could help, yeah business rules always have a destination of your WAN IP then forward too your Local LAN IP.  With regards to discovery this is all on the Plex web ui under settings - network.  

    https://support.plex.tv/articles/200430283-network/

    I generally turn off Network discovery as its a broadcast protocol, but it shouldnt be getting past your firewall though.

    Also make sure to set HTTPS / SSL as a requirement to secure your server.

    One last thing on your Business rule enable WAN to LAN IPS if i was you, and then for your Plex user rule use LAN to WAN IPS at least.  I also have a simple web policy with just Spyware & Malware web categories in it and also you shouldnt need App filtering on.  I have mine set to NONE.

    But other than that have fun....

Children
No Data