I can’t host PLEX in my DMZ because their app sucks on some clients, hiding or not allowing finding the server via IP so it does the local scan junk. It’s virtually bridged to 2 VLANs as a result. Also this would become a 10G upgrade for my router if I did this but different topic.
This means direct port forwarding is off the table. Is there a service I can use to act as a middleman (ideally hosted in my DMZ) to access the client, without directly exposing PLEX to the WAN but that also doesn’t involve directly exposing my media server full of “Linux ISOs” to a cloud?
Before you tell me to use Jellyfin I am holding off for more feature parity, but this is the eventual plan.
You’re doing something wrong or you have an incompatible isp. If you want to have it in your dmz, great poke firewall rules for 32400 and set up the internal subnet as an approved lan subnet.
Many clients including the mobile app hide, don’t have or otherwise have the function to add a server via IP broken.
Why would I route through the internet and back to handle local traffic? That’s the reason PLEX isn’t in a DMZ
You can set up a free cloudflare tunnel on your DMZ, then expose the 32400 service vía an application in the zero trust dashboard. That would give you fine control about who can access your server (you can add security policies filtering by country, source ip, and other traffic selectors)
Plex pass lifetime is $89.99 on black friday right now. 100% worth it if youre sharing your library
plex has a built in remote proxy…
Tailsacle on both clients and plex server works fine for my setup. Im behind CGNAT on my isp and Tailscale still manages to tunnel properly
