Why You Need a VPN for Plex?

Why You Need a VPN for Plex?

You might be wondering, “Why should I use a VPN with Plex?” You’re bound to run into these problems with your ISP when streaming through the media center:

Bandwidth Throttling

bandwidth throttling

Most ISP are often not fond of customers who stream content because it consumes a large amount of bandwidth. To reduce the load on their systems and discourage you from engaging in bandwidth-intensive activities, ISPs resort to the practice of intentionally throttling your bandwidth.

If you’re experiencing slow speeds when trying to stream your Plex videos, you could be a victim of ISP throttling. This can be avoided with a VPN for Plex as it safeguards all the data you send across the Internet using encryption. Since your streaming traffic will be disguised, your ISP won’t be able to know what you are doing and throttle you.

Privacy Protection

[Privacy protection for Plex

This is related to the point above. Your ISP is able to throttle your bandwidth by using Deep Packet Inspection (DPI), which basically enables them to see everything you do online. Your Internet connection is then slowed down as soon as they detect streaming traffic.

On other occasions, the technology might be used by ISPs to collect and sell your online activities to third-parties for a profit. By using a VPN for Plex though, you can protect all your traffic – both streaming and otherwise – for a worry-free online experience.

Region-Locked Content

regional-restriction

When you set up Plex, you can install plugins to extend its functionality and watch content from popular streaming sites such as BBC iPlayer, Pandora, HBO Now, and MTV. Unfortunately, some of these might not be accessible due to regional limitations.

This means that you need to be located in a certain region to stream these channels, and a Plex VPN can be useful here.

How to Use a VPN with Plex?

Well, it depends on your scenario:

  1. If you’re running a Plex server alone, you’ll need to route traffic through your VPN selectively, but this can be a complicated process for most novice users.
  2. If you’re running a Plex player, you can use your VPN on the same device, and everything should work fine.
  3. If you’re still facing problems in using a VPN with Plex, you also have the option of setting up a VPN on your router. In this way, all the data sent to and from your network will be automatically protected with robust encryption algorithms.

List of Providers

|Name|Website|Monthly Cost|Contract Length|Streaming Media|Torrents/ Usenet|Notes|
|-|-|-|-|-|-|-|-|-|-|
|ExpressVPN|Site|$12.95|1 month, 6 months, 1 year|Yes|Yes|-|
|NordVPN|Site|$11.95|1 month, 1 year, 2 years, 3 years|Yes|Yes|-|
|Surfshark|Site|$11.95|1 month, 3 months, 1 year|Yes|Yes|-|
|IPVanish|Site|$10.00|1 month, 6 months, 1 year|Yes|Yes|-|
|CyberGhost|Site|$12.99|1 month, 1 year, 2 years, 3 years|Yes|Yes|-|
|Private Internet Access VPN|Site|$9.99|1 month, 1 year, 2 years|No|Yes|-|
|ProtonVPN|Site|$10.00|1 month, 1 year, 2 years|Yes|Yes|-|

VPN is a double edged sword, I would suggest the majority of people don’t need a VPN unless they live in a locality where the laws are more draconian than the EU/US or are doing something on a non personal basis, usually including IPTV (UK Premiere League being an obvious example). Throttling may be a thing on some ISP’s, but unless it is, I’d think carefully before jumping in.

In terms of VPN usage, Policy Based Routing is usually the best policy, you generally don’t want to push all traffic from your personal connection over VPN, that can result in issues with banking services, ordering online is often flagged for additional fraud checks and accessing some sites is just outright blocked based on the IP range being that of a VPN provider, certain payment options may not be available (PayPal credit options for example), region locked services can also be a problem (UK BBC iPayer is a constant game of cat and mouse for VPN providers for example), so ideally you want to either route certain clients/VLAN’s or certain ports/protocols via VPN, not everything.

The other issue is speed. OpenVPN is pretty much the default secure standard here, it’s single threaded and really not suited to most routers using MIPS or ARM processors, a small minority have limited hardware acceleration, but they crap out around the 200-250Mbit mark. If you want near line speed, you have two options: Hardware acceleration (AES-NI on a semi-modern x86/64 CPU) or Wireguard.

AES-NI generally means you’ll be using pf/OPNSense, Untangle or Sophos XG etc. on a PC or virtualising with direct NIC pass through (just don’t forget if you break/reboot the virtualisation host, or say an upgrade goes bad, the entire network goes down), once you go this route, you probably won’t want to go back to a toy router again.

Wireguard is the (not so) new kid on the block, it’s taken a few years to get to a stage where it’s out of beta and is due to mainline in BSD, but has a reasonable user base/support from most providers worth using. It’s much more efficient and can run on much more humble hardware at much faster speeds. It’ll run under DDWRT/OpenWRT etc. and hits near gigabit speed on something like a Pi4, PiVPN+PiHole is a great use for a Pi4. You can also use something like the Binhex -VPN docker images which include support for OpenVPN and Wireguard in some cases, as well as the option to enable Privoxy (a proxy for the container’s VPN connection to expose it to other containers/devices). Whatever you use, actually check it works and ensure you understand what will happen if the tunnel goes down, the last thing you want is your traffic going out unencrypted without realising. Also check for DNS leaks - not much point in encrypting the traffic if you openly announce what it is/where it’s from.

That brings us VPN providers, it’s been possible to get Nord/PIA free for two years recently using cash back services, however PIA is a company who has highly questionable ownership and management, in simple terms they employ the man behind what is arguably one of the largest Bitcoin thefts/losses in history (MtGox), it’s a loss if you believe he is as inept as he claimed to avoid jail, it’s a theft if you think he’s technically competent and therefore suitable to be employed in a technical capacity for a company who’s sole purpose is to ensure your privacy. That said this is a company that changed hands very quietly and is now owned by people with highly dubious links to malware slinging, though in fairness they have a 100% record in not being able to comply with court orders. Nord are less awful in ownership/management terms, but have some unfortunate recent history/practices in place that mean they aren’t as safe a bet as someone like Mullvad who absolutely go balls deep on privacy, but for some reason aren’t mentioned on the list? r/VPN really is worth having a look at for the excellent breakdown of who is who and what the differences are, but if privacy is actually important, my default recommendation would be https://mullvad.net

4 Likes

i second mullvad.
Also hear good things about proton.
Both swiss.
How that stands to mean anything if pressure REALLY applied by5eyes i’m not sure…

Good write up DM, didn’t know you were a data hoarder AND privacy afficionado.
good stuff

dP

I have had issues with a couple users where the ISP throttles Plex.

I know this because I followed the CloudFlare CDN instructions and my users were able to stream perfect and nearly instantaneous from a server in Finland using Hetzner.

However, it’s clear CloudFlare has caught on to using their CDN for streaming, because within a day nearly everything comes to a halt. Then I have to use traditional DNS and it no longer works again for these users.

Unfortunately, it works most often fine for me utilizing the CDN or not. The one difference I have between my users is that I use secure DNS on my router (or try to) pointing to CloudFlare DNS.

I contemplated a while getting a server in the US, but I am not confident it will fix the issue. I Imagine the ISP uses some sort of domain filtering for throttling. Because when you use CloudFlares CDN and everything works well momentarily this is because they are “streaming from CloudFlare” until CloudFlare kills reduces the steam themselves.

This got me thinking about a VPN. Going to give NordVPN a shot and utilize their WireGuard protocol and report back.

Anyone else having any issues? Those who are interested should purchase an enterprise plan from CloudFlare Lol.

Or if there is a way to change “Plex” from being in the subdomain that may work.