Plex Issue With VPN When Using "Don't Pull Routes"

Hey guys,

A quick description of my setup and the issue.

I have two gateways, one VPN (OpenVPN) and the other my standard WAN. I have firewall rules that route traffic from select devices through the VPN or WAN gateway as needed. Rules as below.

I have a Plex server. This is routed down the VPN gateway and works fine as I can get access to the server from outside of my network.

After running Plex for months, I recently noticed some issues with my VPN configuration whereby it would pull routes into pfSense, which would negate my firewall rules and would essentially mean all my network traffic went through the VPN gateway. This was evident when I checked the routing table, where 0.0.0.0/1 is routing down my VPN gateway, as shown below.

(The 213 IP represents my WAN gateway)

In order to restore order I had to enable the “Don't pull routes” option in my VPN config, as shown below.

While this did fix my traffic routing so that my firewall rules were adhered to, since doing this I cannot get access to Plex outside of my network through the VPN WAN. See below: Plex, not happy lol

Please note that all my port forwarding is set up and correct, as this was working just fine until the recent changes, so it is not related to my ports. I also double checked by running Plex through my WAN gateway, and all works fine. So it is definitely something to do with the VPN routing.

**Update**

I disabled the “Don't Pull Routes” option and instead, in my OpenVPN config, entered “pull-filter ignore redirect-gateway” in the custom option field.

This again corrects the issue and stops the VPN from forcing itself as the default gateway in the routing table. However, while Plex now connects to the internet over VPN as it should (based on my firewall rules), when I try to access it from outside the network, I cannot get a connection to the server. Below shows Plex getting out to the internet now.

If I remove the option “pull-filter ignore redirect-gateway”, allowing the VPN to assert itself as the default gateway, Plex works fine and I can connect to it from outside the network.

Evidently I am missing something regarding the routing to allow Plex to work when using the “pull-filter ignore redirect-gateway” option. Any ideas?

Any help greatly appreciated.