If you see the message “Plex is not available outside your network” even though you’ve opened the required ports, your DNS resolver may be blocking DNS rebinding by default. The fix is to mark plex.direct as a private domain in your DNS resolver so the resolver will allow queries for that name.
Below are concise, separate instructions for OPNSense (Unbound) and pfSense (DNS Resolver). Follow the section for the product you’re running.
OPNSense (Unbound DNS)
- Log into the OPNSense web interface.
- Go to Services → Unbound DNS → Advanced.
- In the Private Domains field add:
plex.direct
- Save and apply the changes.
That tells Unbound to treat plex.direct as a local/private domain and prevents it from blocking the Plex hostname.
pfSense (DNS Resolver)
- Log into the pfSense web interface.
- Go to Services → DNS Resolver → General Settings.
- In Other Settings (the custom configuration area) add the following YAML snippet:
server:
private-domain: "plex.direct"
- Save and apply the changes.
This configures the DNS Resolver to treat plex.direct as a private domain, allowing the Plex hostname to resolve properly from outside your network.
Notes & troubleshooting
- After changing the resolver settings, you may need to flush DNS caches on clients or restart the resolver service.
- If you use additional DNS forwarding or split DNS, ensure
plex.directis resolvable from the networks where clients connect. - These changes are safe: they only affect how the resolver treats the given hostname and do not expose other services.
If you want, I can also add a small screenshot or annotated step-by-step for either OPNSense or pfSense to the post.