When you say you have one configured can we assume this to mean you have paid Plusnet for it? 

Yes, I've specifically paid for a fixed IP address. The IP address has not changed.

Do you know when you ended up on that firmware version?  (I think that's our latest).

@bobpullen Worth a check?

We have ports open again!

Yes, that's my IP address in the nmap command, yes. So the firmware was auto-updated; that sounds a lot like we have a likely culprit!

Have you double checked the router config, specifically that it's still set to forward DMZ traffic to the appropriate host?

I doublechecked that last night, after rebooting the router. The DMZ is forwarding to the correct configured host.

Manually forwarding ports worked. I now have 25 and the non-standard SSH ports open and can connect from the outside again.
I'll play around with the DMZ settings some more tonight, but it looks like the firmware update broke the DMZ. 😕

---

@zopatista wrote:

I'll play around with the DMZ settings some more tonight, but it looks like the firmware update broke the DMZ. 😕

Will verify at this side. I really hope it hasn't though 

Edit: Struggling to replicate:

1. Port forwarding rule configured to poke a hole through to an FTP server:

sudo nmap -p 21 -sS 51.7.X.X

Starting Nmap 6.47 ( http://nmap.org ) at 2017-08-17 16:51 BST
Nmap scan report for X.X.7.51.dyn.plus.net (51.7.X.X)
Host is up (0.020s latency).
PORT   STATE SERVICE
21/tcp open  ftp

2. Port forwarding rule deleted:

sudo nmap -p 21 -sS 51.7.X.X

Starting Nmap 6.47 ( http://nmap.org ) at 2017-08-17 16:51 BST
Nmap scan report for X.X.7.51.dyn.plus.net (51.7.X.X)
Host is up (0.021s latency).
PORT   STATE    SERVICE
21/tcp filtered ftp

3. DMZ enabled and pointed to the FTP host:

sudo nmap -p 21 -sS 51.7.X.X

Starting Nmap 6.47 ( http://nmap.org ) at 2017-08-17 16:57 BST
Nmap scan report for X.X.7.51.dyn.plus.net (51.7.X.X)
Host is up (0.020s latency).
PORT   STATE SERVICE
21/tcp open  ftp

I'll I did was set DMZ Enable to Yes, and picked one of the available devices in the Device IP address assigned to DMZ dropdown. That device is the server (connected via ethernet); it is listed by its local DNS name.

There are some discrepancies and weird inconsistencies I'd like to note:

The Home Network - Devices tab view fails to detect any devices:

There are devices, including the server, attached to the wired connections, but are either labeled Unknown or entirely missing from the diagram. As for the wireless side, I'm posting this from a laptop connected to the 5GHz wireless connection but it is not listed in that diagram; there are various other wireless devices similarly not listed. There is an elderly Apple AirPort Extreme connected to Lan1, and it'll sometimes show up, sometimes not; it is the Unknown device above, and when it does show it is listed as Not connected. The server on Lan2 and a corporate VPN device on Lan3 are never shown, but the diagram does show that those ports are active as 1 GB/s connections. Could firewalls on the server and the VPN device be responsible for this discrepancy?

Next, I can disable the DMZ option, re-enable it, and still find my server, named, in the dropdown, even though the devices tab doesn't list it. There is no option to supply an IP address for the DMZ.

The firewall Port Forwarding tab does not list the server, only the Unknown device (the Apple AirPort Extreme). Here there is an option to enter a user-defined IP address.

Another thing of note is that the server in the DMZ is also responsible for handling DHCP. I coupled this with a local DNS server; all devices on the network have long DHCP leases and can be resolved by name.The DHCP server on the Hub One is disabled, and the server has a fixed IP address. So where the server name on the DMZ tab is coming from is not entirely clear; the Hub One has no configuration for a local network DNS server so why does it know the server name still? I did, in the past, have the DHCP option enabled and perhaps the router still has cached the server name?

TLDR: The server only shows up as a named device in the DMZ device selection drop-down, and is unexpectedly named. Nowhere else does the server show up as a device, let alone by name.

Ok, this explains why my Plex server has suddenly decided to stop accepting remote connections. I've been banging my head against the wall all night/day on this.

I use an Asus RT-AC87U router which I place in the Hub Ones DMZ, turn off the Hubs firewall and let my Asus with Asuswrt-merlin do all the work, because for some reason the Hub One has no "modem only" mode this was the only way I could easily avert the 'double-nat' issue. However it seems as of this update something has changed and my work-around no longer seems to, well, work. 

I've checked that the router is still in the DMZ in the Hub One and everything is as it should be but it keeps working only intermittently. Plex will say "Fully accessible outside your network" one minute, then 5 minutes later it'll be inaccessible again. Seems something with the DMZ definitely broke in the update.

---

@bobpullen wrote:
Did the devices overview definitely work on the previous firmware whilst in this configuration?

---

It's been so long since I looked at that output, I really can't remember. Sorry!
It's a credit to how long this setup has Just Worked though. 🙂

---

@sunwind wrote:

I've checked that the router is still in the DMZ in the Hub One and everything is as it should be but it keeps working only intermittently. Plex will say "Fully accessible outside your network" one minute, then 5 minutes later it'll be inaccessible again. Seems something with the DMZ definitely broke in the update.

Does the date you started experiencing problems coincide with the date the firmware was upgraded? (the date the image was pushed to your device should be time stamped in the footer of the router configuration pages).

I started experiencing issues yesterday or the day before after I turned the firewall on the Hub One on and then off again (as I let my router handle all that since I place it in the DMZ, and I just wanted to see if plex would still work with the firewall on the Hub One turned on too, but it didn't). Since then I've been having issues despite that being the only change I made, but it doesn't directly coincide with the update:

Plusnet Hub One | Software version 4.7.5.1.83.8.237.2.2 | Last updated 07/08/17

I've since spent the afternoon reconfiguring my network and after resetting both routers and re-configuring everything+my freenas server plex seems to be able to maintain an outside connection, for now at least, so I'm hoping its resolved, will come back if it continues to have issues, should know by the end of tonight.

Thanks