Plex Server (192.168.30.8) <--> Roku (192.168.31.4)?
-
Could someone be nice enough to give me a pfSense NAT rule for the following?
I have my Plex server on my main network (192.168.30.8) and a Roku player on a my DMZ network (192.168.31.4). Currently when I watch a movie I think they have to go out on the net and back to get from the main network to the DMZ. With the right rule I'm sure they can communicate directly without compromising my setup.
-
Well what are your rules between your roku network and plex network? What do you have in your lan networks on your plex server?
So your saying your roku plex app is saying indirect for your plex connection..
-
I don't have a specific rule between my roku network and my plex (lan) network. I'm sure this why the Roku box is telling me the connection to my plex servier is a 'Relayed connection'. It has to go out the WAN via the DMZ network and then come back to the LAN to reach the Plex server via the relay. Plex explains the details at www.plex.tv/relay. This works but of course it would be way more efficient to allow the Roku to jump from the DMZ network over to my LAN network where the Plex server is. Which is what my desktop does.
-
Make sure you do not have any DNS rebind protections enabled in you DNS server (or allow plex.direct domain) on pfSense (if your LAN/DMZ clients are set to use it for DNS), also on you DMZ firewall allow DMZ Subnet or Roku IP -> Plex server IP Destitution Port TCP 32400.
-
yeah you should have primate domain setup as well, but you also wan to set your networks as lan as above in my pic.
I would not suggest you disaable rebind protection, but setting specific domain as private is easy
https://www.netgate.com/docs/pfsense/dns/dns-rebinding-protections.html