So I spent the better part of 3 hours trying to figure this out. Here’s my setup:
Wired and Wireless clients all on same subnet. (192.168.x.x)
Synology DS918+ also on same subnet, teamed nics going to ASUS GT-AC5300 (also applies to RT-AC5300) port 5 & 6
Running Plex in a docker container, using teamed nic as bridge connection.
Was working fine and out of the blue today, wouldn’t connect at all. FireTV/LG would say server is offline, iPhone would get 401 Unauthorized.
Here’s what I ended up figuring out:
Go into Plex settings – Server – Network. Under “List of IP addresses and networks that are allowed without auth”, put in: 172.17.0.1/255.255.255.0
This is the internal network of Docker, which will allow the pass through from the NAS to Docker to hand off (it sees your internal 192.168.x.x network address from your router as a 172.17.0.1:portnumber device (which is docker itself) as requesting access.
So, even though I got responses like this:
Jul 03, 2018 20:26:27.127 [0x7f1a74bff700] DEBUG - Completed: [172.17.0.1:37526] 401 GET / (5 live) GZIP 0ms 416 bytes
Jul 03, 2018 20:26:31.374 [0x7f1a74bff700] VERBOSE - Auth: We found auth token (xxxxxxxxxxxxxxxxxxxx), enabling token-based authentication.
Jul 03, 2018 20:26:31.374 [0x7f1a74bff700] DEBUG - Auth: authenticated user 1 as stevepresley
Jul 03, 2018 20:26:31.374 [0x7f1a74bff700] VERBOSE - Auth: Came in with a super-token, authorization succeeded.
PMS was still returning a 401 since the docker internal address wasn’t whitelisted!
ALSO, even though the Settings->Network “List of IP addresses and networks that are allowed without auth” help text says you can have a comma separated list of IPs or network masks, I kept getting an error saying this:
Jul 03, 2018 20:20:34.559 [0x7f1a74bff700] ERROR - Error parsing allowedNetworks ' 172.17.0.1 255.255.255.0': Invalid argument
Somehow it was stripping out the ‘, ‘ and turning it into a null character, as when I tried to paste the above line in, Textpad kept giving me an error about the character between the ‘ and 172 right after allowedNetworks.
Hope that helps someone out, as 3 hours of Googling and searching on the synology, plex and docker sites didn’t help me one bit!