IPFIRE + Plex Server + TV


I’m a newbie.

Is there any setting in IPFIRE that I can get my TV and Computer to communicate?

My setup:

You will need to open a ports for your Plex client
to reach your plex server.


How do I fill in the rule?

I’m really lost.

Quote from the link @hvacguy linked for you:

Step 2: NAT

As this is a NAT rule, check “Use Network Address Translation (NAT)” and select “Destination NAT (Port forwarding)”.

Don’t take this as sarcastic because it is not. Which part of that quote is not clear? There are no images but the description is quite detailed. If it needs to be rephrased, I will clarify it here and try to modify that text.


Let me try to explain conceptually what kind of problem you are facing. There are not enough IP numbers available in the world. This is at the root of your problem. If we were all using IPV6 instead of IPV4, all your machines in your local network will have a public IP and therefore the routing from anyone machine to anyone else in the world will be straightforward and way simpler.

As it is, we have not enough IP numbers, therefore the routing becomes complicated. Let’s see how this apply to your case. The TV, connected to the cable modem, wants to send IP traffic to the right computer inside your network so you can watch whatever the plex server would stream. The problem is, because the TV is located outside your local network, it doesn’t know how to reach your plex machine. It can only send packets to IPFire and delegate to it the job to address those packets to the final destination.

However, this is a routing table that you need to create in IPFire that in human terms would sound like this: "any packets addressed to my public IP (the red interface) with a TCP (or UDP) port equal to … (whatever your plex server uses) should be forwarded to This way, when your TV from outside your local network tries to reach the plex server, your IPFire knows to forward those IP packets to The key here is to know which port is to be forwarded.

How to create this table, is described in the wiki page that was linked to this thread. If you cannot follow it, ask away where it gets confusing and I will try to clarify it.



I am guessing that your Plex Client is connected to the Cable Modem via Wi-Fi.

If this is true, I’d suggest turning the Wi-Fi OFF for the Cable Modem and adding a Wi-Fi Access Point to the green side of the firewall. This will be safer and easier than opening a hole in the firewall.


Plex Client (TV) is connected to the Cable Modem via wired cable.

I read it several times but I don’t know if I got it right.

I did this, but it didn’t work:

Almost, if you read again the section concerning the service, you need NOT to set the source port, as that one changes every time. it is random. Only the destination port should be specified.

Also, are you sure the destination is correct? In the diagram you wrote that the plex server is not what you wrote in the rule.

Edit: I see, you have inverted source and destination. The source should be the red interface and the destination the plex server. is a local IP address but it is not an IPFire local IP, it is given by the cable modem. Unfortunately you have a double NAT. Two machines create two tables and this creates conflicts. I think your rule will not work unless you open your plex server to any IP address coming from the red interface. Not a good thing from a security point of view.


PC (Plex Server):

TV (Plex Client):

The IP of TV isnt the public IP, is the lan of the modem.

I only use Plex locally.

I tried this rule, but it didn’t work:

Which side of the modem is the TV connected to exactly?

You have your source and destination backwards.
Need port for source and destination
The source is TV.
Destination is Plex server

1 Like

Or this would be easier.

1 Like


Of course. Think about it. Who is initiating the dialog? The plex client who wants to receive the stream. The plex client has but it is coming from the red interface from the point of view of IPFire. Also, it is not a public IP and it is not part of the routing table of IPFire, therefore when the plex server gives an answer I think it will not be routed back to the plex client. I think in the source you have to put the RED interface so that IPFire will send back to the right interface the return traffic and hope that the modem will correctly forward the traffic back to the plex client. That’s the joy (sarcasm) of the double nat.

EDIT: as @hvacguy as said, while the source is the plex client with the whole double NAT mess, the destination is the plex server, so


I just found out what DOUBLE NAT is and I already hate it haha

Do I try like this?


almost, the source port should be blank. As I said, it is random therefore as it is the rule will not work.

now I think it is fine. It should work. If it doesn’t, it is the fault of the modem. In that case maybe you can find a way to make the double nat work. Maybe a static route? It depends on the firmware of the modem.

EDIT, I am also wondering if a static route in IPFire might allow the use of as the source field.

1 Like

Why can’t the TV be connected to the GREEN network?

Will the TV only connect to the Plex server?

I think that according to the wiki it should be as below

But TV needs to “know” where to direct packets - routing.

1 Like

If the TV ( Plex Client ) is in the green (local!) network you don’t need any rules.
Server and Client can communicate freely with each other.

Or is there some other reason for the TV placement?