Port forward troubleshooting

GM IT team

Hi guys,

Thanks for coming in. I am still in learning curve with Pfsense really. I am very open for the guidance and advise.

Please see diagram in the attachment. Basically I am setting up the Plex Media to stream audio file within community.
The problem is I have two Pfsense firewalls in our network. External Firewall and Internal Firewall. Plex Server is locate within Internal Firewall. Plexe Device is use within External Firewall. Plex device is having trouble connecting to the server across Firewall.

Is it possible get Plex Device within External Firewall network to connect to Plex Server that locate in Internal Firewall?

Here is some extra information that might help

External Firewall IP is 192.168.1.XX
Internal Firewall IP is 192.168.0.XX

I do not use any Pfsense blocker

I have tried to set up Port forwarding in NAT but I might did something wrong there.

Please feel free to throw any commend in there.

Thank you ever so much again for your help

![Direct connection.png](/public/imported_attachments/1/Direct connection.png)
![Direct connection.png_thumb](/public/imported_attachments/1/Direct connection.png_thumb)

KOM

A few port forwards for the various Plex services should be all you need if the basic networking is correct. If the incoming Plex traffic is all private network space then you also need to disable the Block Private networks option on WAN.

https://support.plex.tv/hc/en-us/articles/201543147-What-network-ports-do-I-need-to-allow-through-my-firewall-

The most important port to make sure your firewall allows is the main TCP port the Plex Media Server uses for communication:
TCP: 32400 (for access to the Plex Media Server) [required]
The following ports are also used for different services:
UDP: 1900 (for access to the Plex DLNA Server)
TCP: 3005 (for controlling Plex Home Theater via Plex Companion)
UDP: 5353 (for older Bonjour/Avahi network discovery)
TCP: 8324 (for controlling Plex for Roku via Plex Companion)
UDP: 32410, 32412, 32413, 32414 (for current GDM network discovery)
TCP: 32469 (for access to the Plex DLNA Server)

GM IT team

Hi KOM,

Many thanks for your replied. I sort of understand that I have to do port forwarding but I am not sure where do I have to set them up.
According to the diagram. The only Firewall I have to work with is only Internal Firewall, am I right?

Here is what I did so far:

I tick off the Block private networks and loop back addresses and Block bogon networks options in WAN

I created Port forwarding in NAT. Please see my port forwarding in attachment.

After all this my Plex Device still having indirect connection.

![Static set up screen.jpg](/public/imported_attachments/1/Static set up screen.jpg)
![Static set up screen.jpg_thumb](/public/imported_attachments/1/Static set up screen.jpg_thumb)

KOM

You don't create port forwards via static routes. Undo everything you did there. Go to Firewall - NAT - Port Forward and create a forward there.

GM IT team

Hi Kom,

I am sorry. The attachment on previous reply was wrong.

Please see the my update network map in here.

Also I attach my NAT Port Forwarding configuration in there.

![Update Network map.png](/public/imported_attachments/1/Update Network map.png)
![Update Network map.png_thumb](/public/imported_attachments/1/Update Network map.png_thumb)
![NAT CONFIG TEST TWO.JPG](/public/imported_attachments/1/NAT CONFIG TEST TWO.JPG)
![NAT CONFIG TEST TWO.JPG_thumb](/public/imported_attachments/1/NAT CONFIG TEST TWO.JPG_thumb)

KOM

Your Destination address is wrong. It should be set to WAN address. You currently have it set to the LAN IP of your server.

GM IT team

Thank you,

I made changes again. Could you please have a look?

![Port Forward second trail.PNG](/public/imported_attachments/1/Port Forward second trail.PNG)
![Port Forward second trail.PNG_thumb](/public/imported_attachments/1/Port Forward second trail.PNG_thumb)

KOM

Is 192.168.1.132 your WAN IP address?

GM IT team

Hi Kom,

I am not sure not if WAN you referring to is WAN port in my Internal Fireawll, External Firewall.

My Internal Firewall WAN Port is 192.168.1.132 and LAN is 192.168.0.254
My External Firewall LAN Port is 192.168.1.55 and I have four WAN Ports. All four WAN ports are 10.X.X.X

Since Plex device is within External Firewall Forwarding to Internal Firewall I should set Port Forward in Internal Firewall by Set destination of WAN Port of Internal Firewall isn't it?

KOM

WAN is WAN port on int firewall.

How do you access this Plex dealie anyway? Web browser or app? What address are you using to connect?

I should set Port Forward in Internal Firewall by Set destination of WAN Port of Internal Firewall isn't it?

Yes.

johnpoz

how many threads you going to open about this?

https://forum.pfsense.org/index.php?topic=123659.0

GM IT team

Hi Johnpoz,

I opened two topic. I didn't want to mess up the forum type. I opened this one first about Firewall and Port forward but the one I have with you was routing wasn't it? and turn out we keep messaging about port forwarding.

GM IT team

Hi Kom,

I use Plex App to access Plex Media Server.

Please see my attachment for WAN and LAN information.

192.168.1.132 is my WAN PORT for internal Firewall

![WAN AND LAN IP.JPG](/public/imported_attachments/1/WAN AND LAN IP.JPG)
![WAN AND LAN IP.JPG_thumb](/public/imported_attachments/1/WAN AND LAN IP.JPG_thumb)

KOM

What address are you using to connect?

GM IT team

Hi Kom,

Currently only one device is using for the test to connect to Plex server which IP address is 192.168.1.65
Subnet Mask is 255.255.255.0

KOM

I don't see 192.168.1.65 on your network diagram anywhere. If you are Plex Device and you want to get to a forwarded server, then you need to connect to the WAN that is handling the forward. Try telling your Plex software to talk to the Plex server at 192.168.1.132. Internal pfSense (if you have your forwards setup correctly) should forward that traffic to the Plex server behind it.

GM IT team

Hello KOM,

Thank you so much for keeping it up with me.

Honestly this is my very first time setting Port Forwarding. I have read and learn a lot but never put into practice before.

I only set up Wifi router behide external firewall but not internal firewall. Whatever Device use Plex App will get IP address from 192.168.1.55 - 192.168.1.254. That's why I didn't put any particular address in diagram.

I did set Plex Device to put to port 192.168.1.132 which will get redirect to Plex Server which is 192.168.0.61 however it give me error but different kind of Error though

KOM

What error? I don't have any experience with Plex so I can't give you more specific advice. Please go through this list:

https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

Generally when you have a forward that isn't working, you need to verify several things. The list above goes over all of them.

GM IT team

Hi Kom,

I totally understand that this is as far as you can go with Pfsense.

The error said A connection to a Server couldn't be established using the details you provided
Error code: 401

I need to go through Plex forum and find out if anyone else has the same experience

It was a good sign though because when I try to add the server, usually it will load for some time then give me an Error message but since I change setting you suggested me it was different. The connection did right away and pop up the different error message I wrote above. Seem like the connection take place but something wasn't right.

This question has nothing to do with Pfsense at all but do you know if I have to do anything with Plex Server? I run it on Windows 7.
I already add Plex port 32400 in Firewall rule on Windows 7.

Do I have to do anything else?

GM IT team

Also is there anyway I could test port forwarding within location network?

I notice port forwarding tools I could use on-line but that was meant to be testing with my Public IP address and firewall.
Surely I can't use that to test my local network port forwarding