Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Plex indirect with Packet Filtering enabled

    General pfSense Questions
    2
    3
    483
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      damien_nightbane
      last edited by

      I'm having some trouble with plex being indirect from outside my network when Packet filtering is enabled. Currently my network is as follows:

      Internet > Sophos XG (Edge Firewall) > PFSense (handles internal routing) > Multi-vlans

      If packet filtering is off on pfsense plex is perfectly fine however if it is turned on plex becomes indirect even with adding plex.direct in the advanced custom section. The routing at present goes as follows:

      plex > pfsense (internal interface > sophos xg (internal interface) > internet (via sophos wan interface).

      The pfsense wan interface is not in use here and the pfsense gateway is set to use sophos xg. At present i haven't been able to figure out what else i need to do to get plex to not be indirect. I had the same issue even when just using pfsense as the edge firewall and adding plex.direct to unbound.

      Thoughts?

      1 Reply Last reply Reply Quote 0
      • Y
        Yosh1609
        last edited by

        Hi,

        I assume you're connected to your ISP via a router?

        plex > pfsense (internal interface > sophos xg (internal interface) > internet (via sophos wan interface) - <router here="" or="" modem???="">).

        Which make and model is your router or are you using a modem?

        –-

        Sorry, I missed you're Sophos XG (Edge Firewall) - looks like you have a double NAT issue - (if not triple NAT (if that's possible) if you are also using a router with NAT).

        I had this issue as I couldn't turn NAT on my router off. Replaced router with a modem to resolve my issue. This may be helpful:

        https://support.plex.tv/articles/200931138-troubleshooting-remote-access/

        Good luck!</router>

        1 Reply Last reply Reply Quote 0
        • D
          damien_nightbane
          last edited by

          I've got a comcast business modem where I have put the Sophos XG WAN interface in the DMZ and everything works just fine when packet filtering is turned off on the pfsense side. The goal is to use pfsense to isolate/route between the different vlans and have sophos maintain the firewall aspect.

          I have gone through that and haven't had success even with pfsense as the Edge and in the DMZ of the comcast modem the problem persisted. From what I can tell I don't see a NAT issue (Sophos XG is handling correctly, and PFsense does not have NAT enabled) but are there other areas in PFSense I can check for that?

          –-Topology Update---

          Comcast modem <> Sophos XG (Edge Firewall. This is listed in the Comcast Modem DMZ) <> PFSense (Handles vlans and inter-vlan routing. Currently has both packet filtering and nat disabled which is causing the vlans to be able to speak to each either versus follow the rules that are in place.) <> Various vlans.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.