Here's how I successfully made MyPlex / PlexPass work with a VPN.
Prerequisites:
- Mac OS X Mavericks/Yosemite (not yet verified on El Capitan)
- PIA/AirVPN/whatever (any VPN that supports port forwarding is fine)
- Any VPN client running on your mac
Steps:
- Forward the port on the VPN.
Go to your VPN's web site to add a port forward.
I'm using AirVPN so I go to airvpn.org/ports/ and click the Add button. Don't fill in any of the fields. Let it assign a random port, and let it forward to the same local port.
Write down the randomly generated port number. You will need it later, whenever you see VPN_PORT
in the instructions below, you will replace it with this number.
- Set up port redirection on your local machine
Mavericks 10.9 and Yosemite 10.10 use pf
(The OpenBSD Packet Filter) for port redirection.
Use the Terminal
app to access the command line.
Create the file /etc/pf.anchors/my.plex.vpn.forward
using your favourite editor, or nano:
sudo nano /etc/pf.anchors/my.plex.vpn.forward
Copy the following into the file:
# To allow access to Plex Media Server from outside the VPN AirVPN
# local ethernet for testing (en0)
rdr pass on en0 inet proto tcp from any to any port VPN_PORT -> 127.0.0.1 port 32400
# OpenVPN presumably is tun0
rdr pass on tun0 inet proto tcp from any to any port VPN_PORT -> 127.0.0.1 port 32400
Delete VPN_PORT
on lines 3 and 5 and copy in the random port you wrote down above.
Save the file and exit nano.
To verify that your port forwarding file is correct:
sudo pfctl -vnf /etc/pf.anchors/my.plex.vpn.forward
If you see unknown port VPN_PORT
then you forgot to replace VPN_PORT in the file with your own randomly generated VPN port from step 1.
Create a pf
config file:
sudo nano /etc/pf.plex.conf
Copy this into it:
rdr-anchor "my-plex"
load anchor "my-plex" from "/etc/pf.anchors/my.plex.vpn.forward"
Start pf
(It doesn't run by default)
sudo pfctl -ef /etc/pf.plex.conf
- Configure Plex Server
Go to Plex Media Server web interface > Settings > Server > Connect
Make sure you are signed in with your plexpass.
Check the box Manually specify port
and enter VPN_PORT
that you wrote down above. Click the button (Update/Retry/whatever).
You'll see "Connecting Server..."
After a few seconds you should see "Server is mapped to port [VPN_PORT]"
- Test it with your Mobile Phone
First turn off WiFi. (Otherwise your phone might connect on the local network and that's not what we want.)
Log in
It should automatically connect now. If not, try Refresh, Sync, and or waiting a minute.
Once you can see it works you can turn WiFi back on.
Extra stuff:
- To make pf run automatically when you reboot your mac, see OS X
Server: How to enable the adaptive firewall (except change the
conf file from pf.conf to pf.plex.conf)
- You can test from inside and outside your network using telnet, e.g.
telnet IP.ADDR.OF.PLEXMAC VPN_PORT
and if it connects your settings are correct.
- This wouldn't be necessary if Plex server were updated to listen on all network interfaces including the vpn interface.