VPN Access works on WiFi, not LAN

B

BBQFreak

n3wb
Jul 13, 2023
18
4
United States
I am temporarily running BI on an old Laptop that has 2 NIC (one for camera network and one for internet/LAN) as well as a WiFi adapter.

When I am on my home network, BI remote access is available via either IP address (wired LAN or WiFi)
When I am on my OpenVPN trying to get to BI via the LAN IP address times out, but it connects just fine via WiFi.
I do not have bind to single address checked and other computers (ie my homeassistant server) that are on Wired are able to be accessed just fine.

Anything I can look at?
 
just a guess... open vpn gives a IP on a different subnet than the subnet your using for your LAN. OpenVPN ip might be like 192.168.30.1 when LAN is on 192.168.0.1 and that subnet isn't in your BI allowed list. Or your firewall prevents subnets from talking to each other. Im just guessing here. Are you using VLANS? There are a lot of possibilities not knowing anything other than what you've given so far.
 
  • Like
Reactions: The Automation Guy
whoami ™ said:
just a guess... open vpn gives a IP on a different subnet than the subnet your using for your LAN. OpenVPN ip might be like 192.168.30.1 when LAN is on 192.168.0.1 and that subnet isn't in your BI allowed list. Or your firewall prevents subnets from talking to each other. Im just guessing here. Are you using VLANS? There are a lot of possibilities not knowing anything other than what you've given so far.
Click to expand...
My OpenVPN does indeed assign a different subnet (10.0.1.x), but I can hit 10.0.0.35 (or whatever it is) that's my wifi adapter and not 10..0.0.110 that is my static LAN. From inside the network I can hit both.
 
I agree that there is likely a "rule" somewhere that is preventing you from connecting to BI while on the VPN ip address subnet.

This might be because the VPN was not set up correctly to start with and the firewall/router is blocking data from crossing into the subnet that BI is in. If your BI is on it's own VLAN, did you specifically include the BI VLAN subnet in the VPN "allowable connections" field? You might have only included your primary network and forgot to include the BI VLAN.

It might also be that within the BI settings, you set the network access to only allow connections over your local network and specifically only to your normal local network subnet (ie 10.0.0.X). If this is the case, BI will block traffic from the VPN subnet addresses (10.0.1.X). I know I was "bitten" by this mistake myself initially. I had "locked down" BI to only allow local network connections, but had not gone back in and added the VPN subnet after I set my VPN connection up. This might be the same problem you are experiencing.

Also, are you sure that you are using a 255.255.255.0 subnet mask (ie a /24 network) to ensure your 10.0.0.X and 10.0.1.0 subnets aren't overlapping?
 
Last edited:
Check for a recent Windows update that changed one or more of the BI server's network connection properties from "private" to "public" or vice versa, as in one or both of it's NICs.
 
  • Like
Reactions: looney2ns and The Automation Guy
You must log in or register to reply here.
Top Bottom