I can’t host PLEX in my DMZ because their app sucks on some clients, hiding or not allowing finding the server via IP so it does the local scan junk. It’s virtually bridged to 2 VLANs as a result. Also this would become a 10G upgrade for my router if I did this but different topic.
This means direct port forwarding is off the table. Is there a service I can use to act as a middleman (ideally hosted in my DMZ) to access the client, without directly exposing PLEX to the WAN but that also doesn’t involve directly exposing my media server full of “Linux ISOs” to a cloud?
Before you tell me to use Jellyfin I am holding off for more feature parity, but this is the eventual plan.


You don’t add it from the app. You add it in server settings. And you wouldn’t hairpin, you’d have the firewall rules. Having it in dmz would segregate it from your internal network so outside users could hit it … If you so choose.