01-07-2022 02:17 PM
I need some help trying to allow outside Plex traffic to connect to my internal Plex media server.
Plex uses tcp 32400 port and I want it talk with my MS 144.244.0.1 which is on the inside). I keep getting this error:
%ASA-7-710005: {TCP|UDP} request discarded from
source_address/source_port to interface_name:dest_address/service
The ASA does not have a UDP server that services the UDP request.
I have the following configured:
object network Mark's_Plex
host 144.244.244.195
description Mark's Plex Media Player
object service 32400_TCP_Plex
service tcp source eq 32400 destination eq 32400
description For Plex
access-list outside_access_in extended permit tcp interface outside object Mark's_Plex eq 32400 log
nat (inside,outside) source static any any destination static Mark's_Plex Mark's_Plex service 32400_TCP_Plex 32400_TCP_Plex description For Outside access to Plex Media Server
access-group outside_access_in in interface outside
I need fresh set of eye to spot the issue. I believe its the access-list, but i can't see the problem.Thanks
Solved! Go to Solution.
01-08-2022 12:20 AM
The ASA does not have a UDP server that services the UDP request.
is the service running TCP or UDP on the media server:
Try below :
object network Mark's_Plex
host 144.244.244.195
description Mark's Plex Media Player
object service 32400_out
service tcp source eq 32400
object service 32400_in
service tcp source eq 32400
nat (inside,outside)source static Mark's_Plex interface service 32400_in 32400_out
access-list outside_access_in extended permit tcp any object Mark's_Plex eq 32400_in log
try packet tracer from ASA :
packet-tracer input outside tcp 8.8.8.8 1025 external-IP of outside 32400 detailed
01-09-2022 07:43 PM
Hi Paul,
I used Balaji example below and it fixed my issue. Thanks for chiming in
object network Mark's_Plex
host 144.244.244.195
description Mark's Plex Media Player
object service 32400_out
service tcp source eq 32400
object service 32400_in
service tcp source eq 32400
nat (inside,outside)source static Mark's_Plex interface service 32400_in 32400_out
access-list outside_access_in extended permit tcp any object Mark's_Plex eq 32400
01-07-2022 09:38 PM
I'm I in the right forum, no one has any ideals o fixing this issue?
01-08-2022 12:20 AM
The ASA does not have a UDP server that services the UDP request.
is the service running TCP or UDP on the media server:
Try below :
object network Mark's_Plex
host 144.244.244.195
description Mark's Plex Media Player
object service 32400_out
service tcp source eq 32400
object service 32400_in
service tcp source eq 32400
nat (inside,outside)source static Mark's_Plex interface service 32400_in 32400_out
access-list outside_access_in extended permit tcp any object Mark's_Plex eq 32400_in log
try packet tracer from ASA :
packet-tracer input outside tcp 8.8.8.8 1025 external-IP of outside 32400 detailed
01-08-2022 09:13 AM
Thanks Balaji,
Sorry I click on the solved by accident. I'm able to add the first two commands but it errors out on these commands:
nat (inside,outside)source static Mark's_Plex interface service 32400_in 32400_out
access-list outside_access_in extended permit tcp any object Mark's_Plex eq 32400_in log
It does not like eq 32499_in or 32400_out. Not sure if my version of ASA will take _out or _in. Also I've move the Plex server to the DMZ so nat (inside,outside) will change to nat (dmz1, outside).
01-08-2022 09:31 AM
@Stevan44 Is 144.244.244.195 and 144.244.0.1 your actual real public IP addresses?
You've said 144.244.0.1 is your MS and your NAT rule and ACL reference an object with an IP address of 144.244.244.195. The ACL needs to reference the real ip address not the translated address.
01-08-2022 09:36 AM
I got the nat rule added it was my fault created a new object and deleted the old one. I was trying to use the old one in your example and it was giving me an error.
But I can add access-list outside_access_in extended permit tcp any object MarksPlex eq 32400_in log, but I can do access-list outside_access_in extended permit tcp any object MarksPlex eq 32400 log
But at any rate this fixed the issue Thanks.
01-08-2022 09:47 AM
Post the config after changes are done, what error you getting, like to see the error , also give us more information.
what ASA Model and what ASA Code running for to assist right syntax.
01-09-2022 12:27 PM
Hello
@Stevan44 wrote:
I need some help trying to allow outside Plex traffic to connect to my internal Plex media server.
Plex uses tcp 32400 port and I want it talk with my MS 144.244.0.1 which is on the inside)
If you dont need to translate the tcp port then you apply identity nat to that port so it doesnt get translated, the following should static pat on that particualr inside host to the asa outside wan interface on tcp 32400.
object network Mark's_Plex
host 144.244.244.195
nat(inside,outside) static interface service tcp 32400 32400
01-09-2022 07:43 PM
Hi Paul,
I used Balaji example below and it fixed my issue. Thanks for chiming in
object network Mark's_Plex
host 144.244.244.195
description Mark's Plex Media Player
object service 32400_out
service tcp source eq 32400
object service 32400_in
service tcp source eq 32400
nat (inside,outside)source static Mark's_Plex interface service 32400_in 32400_out
access-list outside_access_in extended permit tcp any object Mark's_Plex eq 32400
01-10-2022 12:15 AM
Hello
no worries i’m glad @balaji.bandi suggestion worked.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide