Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 11 replies
  • Answers 2 answers
  • Subscribers 8 subscribers
  • Views 21154 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Need help with Plex Media Server

serend

Need help with Plex Media Server

I installed Sophos Home Edition.  Awesome product!

Having some issues with UDP firewall rules, especially Plex Media Server

I set Nat and Service Definition

 

Live firewall log is showing this:

 

Plex Server can't connect from remote!

Nothing seems to work.  

What am I missing? 

Thanks in advance!

 

 



This thread was automatically locked due to age.
Parents
  • 0

    Hi, and welcome to the UTM Community!

    If Ben and Ole's suggestions don't get you the result you want, we'll need better information.  Alone among the logs, the Firewall Live Log presents abbreviated information in a format easier to read quickly.  Usually, you can't troubleshoot without looking at the corresponding line from the full Firewall log file.  Please post one line corresponding to those above.  Also, add a stick diagram with IPs that shows us what's involved here.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thank you very much for your reply, this is my diagram, it very simple.

    2017:11:10-15:24:26 sophos ulogd[29849]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="00:11:32:4b:7e:fa" dstmac="00:0c:29:22:e7:8c" srcip="192.168.1.3" dstip="192.168.1.1" proto="17" length="40" tos="0x00" prec="0x00" ttl="64" srcport="40345" dstport="5351" 
2017:11:10-15:24:26 sophos ulogd[29849]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="00:11:32:4b:7e:fa" dstmac="00:0c:29:22:e7:8c" srcip="192.168.1.3" dstip="192.168.1.1" proto="17" length="30" tos="0x00" prec="0x00" ttl="64" srcport="48012" dstport="5351" 
2017:11:10-15:24:26 sophos ulogd[29849]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="00:11:32:4b:7e:fa" dstmac="00:0c:29:22:e7:8c" srcip="192.168.1.3" dstip="192.168.1.1" proto="17" length="40" tos="0x00" prec="0x00" ttl="64" srcport="40345" dstport="5351" 
2017:11:10-15:24:26 sophos ulogd[29849]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="00:11:32:4b:7e:fa" dstmac="00:0c:29:22:e7:8c" srcip="192.168.1.3" dstip="192.168.1.1" proto="17" length="30" tos="0x00" prec="0x00" ttl="64" srcport="48012" dstport="5351" 
2017:11:10-15:24:26 sophos ulogd[29849]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="00:11:32:4b:7e:fa" dstmac="00:0c:29:22:e7:8c" srcip="192.168.1.3" dstip="192.168.1.1" proto="17" length="40" tos="0x00" prec="0x00" ttl="64" srcport="40345" dstport="5351" 
2017:11:10-15:24:26 sophos ulogd[29849]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="00:11:32:4b:7e:fa" dstmac="00:0c:29:22:e7:8c" srcip="192.168.1.3" dstip="192.168.1.1" proto="17" length="30" tos="0x00" prec="0x00" ttl="64" srcport="48012" dstport="5351" 
2017:11:10-15:24:28 sophos ulogd[29849]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="00:11:32:4b:7e:fa" dstmac="00:0c:29:22:e7:8c" srcip="192.168.1.3" dstip="192.168.1.1" proto="17" length="40" tos="0x00" prec="0x00" ttl="64" srcport="40345" dstport="5351" 
2017:11:10-15:24:28 sophos ulogd[29849]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="00:11:32:4b:7e:fa" dstmac="00:0c:29:22:e7:8c" srcip="192.168.1.3" dstip="192.168.1.1" proto="17" length="30" tos="0x00" prec="0x00" ttl="64" srcport="48012" dstport="5351" 
2017:11:10-15:24:30 sophos ulogd[29849]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="00:11:32:4b:7e:fa" dstmac="00:0c:29:22:e7:8c" srcip="192.168.1.3" dstip="192.168.1.1" proto="17" length="40" tos="0x00" prec="0x00" ttl="64" srcport="40345" dstport="5351" 
2017:11:10-15:24:30 sophos ulogd[29849]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="00:11:32:4b:7e:fa" dstmac="00:0c:29:22:e7:8c" srcip="192.168.1.3" dstip="192.168.1.1" proto="17" length="30" tos="0x00" prec="0x00" ttl="64" srcport="48012" dstport="5351" 

    and this is firewall log when I try connect to plex server, I dont' understand why dstip is 192.168.1.1 and port is 5351!

    I also find a user who have the same problem with me 
    https://community.sophos.com/products/endpoint-security-control/f/sophos-endpoint-software/3672/need-help-with-plex-media-server/19347?pi2132219849=107

    Thank you in advance!



  • 0 in reply to serend

    i am pretty sure the problem is with the plex server settings, not with the sophos. Did you activate the "log initial packet" like suggested to see if anything comes in at all?

    ---

    Sophos UTM 9.3 Certified Engineer

  • 0 in reply to Ben

    Yes, I active the log initial packet, but I can't find the log, would you tell where can I find it? thank you.

  • 0 in reply to serend

    in the firewall live log, the one you posted a screenshot of. if there are no white colored entrys with port 32400, the problem is not with the sophos utm.

    PM me some instant messenger info and ill have a look if you like.

    ---

    Sophos UTM 9.3 Certified Engineer

  • 0 in reply to Ben

    Yes, you are right, no any entries with port 32400, probably it's problem with plex server, forget it!  thank you so much for your help!

    Best Regards!

     

  • 0 in reply to serend

    If you checked Log initial packets in dnat rule, Your packets are not arriving at your WAN address at all!!! To much misleads in the forum

    To clarify one thing! Even if you unplug the Plex Server from the power, you should see the grey line in firewall
    My RDP PC is powered down, and don't accepts requests on port 3391 (as shown on the image)

    Now check again your wan configuration

  • 0 in reply to serend

    Check you plex web server settings - >remote, by default the incoming port is not 32400, but some random port that your set the firewall to map to 32400 on the plex server. In your case, it looks like 5351. You'd need to DNAT internet 5351 to plex host 32400.

    Or you can change the plex server settings there to use port 32400.

     

    Hope this helps.

Reply
  • 0 in reply to serend

    Check you plex web server settings - >remote, by default the incoming port is not 32400, but some random port that your set the firewall to map to 32400 on the plex server. In your case, it looks like 5351. You'd need to DNAT internet 5351 to plex host 32400.

    Or you can change the plex server settings there to use port 32400.

     

    Hope this helps.

Children
No Data
Unfiltered HTML