USG20 Contamination, Plex media server gone

Jackal7x
Jackal7x Posts: 8  Freshman Member
First Anniversary
Hello everybody, i try to describe my network: ISP Router (10.1.1.1/28) -> DMZ USG20 Wan (10.1.1.2/28), in DMZ there is also a Synology NAS which i use as web server (10.1.1.5/28), behinde the USG there are 2 LAN, 1st 192.168.1.1/28 and there is another Synology NAS (192.168.1.3), 2nd LAN is for client DHCP such as mobile, laptop, tv, etc... with net ID 192.168.100.0/24
Now the problem: i've Plex installed on both NAS. Plex since a couple of month stops find my local server (the two NAS with same error). I din't touched firewall rules since one year.
I reinstalled with a clear Plex installation on both NAS and upgraded to last version but same problem. So i decided to isolate firewall, i connected my laptop directly to the ISP Router and disconnected USG from it. Now the NAS in DMZ is working fine, when i reconnect the USG WAN, it stop to work again. What fu**** is noing my firewall's WAN in DMZ? why with USG disconnected from the network, Plex work? I didn't find anyting in the verbose logs about wan activity, but it says NAS (10.1.1.5:XXXXX) to 10.1.1.15 (network broadcast address /28) - ACCESS BLOCKED by default rule.... (?????) why my firewall should block the NAS outside the WAN in DMZ? Could it be the problem? i don't think so, but why it's is working in this way? Of course my 2nd NAS in LAN has the same problem but logs doesn't catch any irregular activities about its IP. So... i suspect my firewall is "cotaminating" my network with something "dirth" (ARP tables, routing) i reset it and configure basically with the same DMZ and the LAN for the NAS, alla ports opened, no fw rules active. It gives the same problem and the same log about my NAS in DMZ correlate to the broadcast address blocked by the firewall autoside its domain. I don't know what to do anymore, i tryed to exclude everything, wifi, multimedia devices, home devices.. only me and it. USG20 is the problem but i cannot catch it.
Please help, make me alla questions you need.

Thanks, many many thanks to who will give help.

All Replies

  • PixelAXE
    PixelAXE Posts: 18  Freshman Member
    First Anniversary 10 Comments Friend Collector
    Hi,
    Do you mean that Plex app cannot auto discover media source when Plex clients and Media server are in different subnet?

  • Jackal7x
    Jackal7x Posts: 8  Freshman Member
    First Anniversary
    No, it's the same, i tryed on the same subnet but same problem, i've also expanded subnet to /24 but same problem. I've to register the NAS in DMZ wihout FW connected, then it works... this is very strange, it canno access to any NAS is the USG is in the network
  • lalaland
    lalaland Posts: 90  Ally Member
    First Anniversary 10 Comments Friend Collector First Answer
    It would be helpful if you can share 2 brief network topology with interface IP and role marked, whereby one is based on the original network topology when the Plex is not working and the other one is where the topology is working based on your test.
  • Jackal7x
    Jackal7x Posts: 8  Freshman Member
    First Anniversary
    A attached a visio, both NAS give the same problem which i described, if i disconnect eth WAN, NAS plex start correctly
  • lalaland
    lalaland Posts: 90  Ally Member
    First Anniversary 10 Comments Friend Collector First Answer
    That's weird, firewall have interference on Plex connection, even the connection is not from one network interface to another network interface.
    Maybe you can try  check plex resource information to see what could be possibility reason. 
    https://support.plex.tv/articles/206721658-using-plex-tv-resources-information-to-troubleshoot-app-connections/
  • Jackal7x
    Jackal7x Posts: 8  Freshman Member
    First Anniversary
    that's cannot work becouse to get xml source i need to get access to my library, cannot access to it till i don't join the NAS to plex account, wihch is the point of my request.
    Ty anyway 
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,426  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    edited June 2021
    Hi Jackal7x, 
    Theoretically, firewall is not possible to block connection without traffic pass through.
    Does the client have any error log during connection process?
  • Jackal7x
    Jackal7x Posts: 8  Freshman Member
    First Anniversary
    edited June 2021
    Hi Colldia, 
    for client plex error,thst's below the error, it's ita sorry, it's say "ops...no media for you".
     Next shows what happens when i try to browser "my library" (server, pink ball on the left, appears and disappers every 2/4 seconds),




    Here you can see my fw logs, it shows activity outside the WAN, why fw should block 10.1.1.15????


     it's the broadcast address cause it's /28. Actualy i used a workaround, i connect lan nas to the DMZ, diconnected the FW, let Plex register device correctly and then restore the nas position.
    It works, just the registration process fails... i'm very courious. Actualy i search every corner of the settings sections and didn't find any relvant

Security Highlight