search

ivpn / android-app

Official IVPN Android app
https://www.ivpn.net/apps-android
GNU General Public License v3.0
290 stars 53 forks source link

Trouble to open local network URLs #315

Closed anthony-robin closed 4 months ago

anthony-robin commented 4 months ago

Bug report

Describe your environment

Describe the problem

I'm having troubles connecting on my local networks URLs while IVPN enabled browsing with vanadium. For example, http://192.168.1.1 does not load, either my Umbrel self hosted server that is on the same local network (http://umbrel.local).

Looking at the settings, I enabled Bypass VPN for local networks but without more luck (I didn't touch any other config related to DNS) Note that I also have IVPN running on a macbook and I am able to access URLs mentioned above.

Can someone point me on a config that would allow me to access these URLs on Android device ?

Thank you for your help :)

edwardivpn commented 4 months ago

The Bypass VPN for local networks option will not work if you have the system's VPN Kill-switch enabled (Always-on VPN/Block connections without VPN options).

anthony-robin commented 4 months ago

Thank you for your reply :)

I have been able to access my local IP at 192.168.x.x by disabling the Block connections without VPN option. However, the http://umbrel.local address that is on the same network (server plugged with ethernet cable to the box) still not reachable on Android.

Is there another config to update to make it working ?

edwardivpn commented 4 months ago

When you connect, the IVPN app replaces local DNS with ours and our DNS servers do not know the names of your local devices or services running on your device.

You will have to either connect using its IP address, use your local DNS via the app's Custom DNS feature (mind possible DNS leaks), add an entry to the device's hosts file, e.g. 192.168.1.15 umbrel.local (not sure how feasible it is for grapheneOS) or disconnect from the VPN.

anthony-robin commented 4 months ago

Thank you, I am able to access Umbrel using the IP on my local network. I'm still confused why running IVPN desktop client on macOS let me access http://umbrel.local (without any DNS tweak on my side or custom config) 🤔 Are mobile and desktop implementations of IVPN differents ?

Otherwhise I can also use tailscale that give me a private IP to connect my Umbrel server, but as tailscale is also a VPN app on Android, is there a way to make both IVPN and tailscale working friendly together ?

edwardivpn commented 4 months ago

Thank you, I am able to access Umbrel using the IP on my local network. I'm still confused why running IVPN desktop client on macOS let me access http://umbrel.local (without any DNS tweak on my side or custom config) 🤔 Are mobile and desktop implementations of IVPN differents ?

This could be due to the fact that the /etc/hosts file on your macOS system has a static xx.xx.xx.xx umbrel.local entry (check with, e.g. cat /etc/hosts | grep umbrel terminal command) which translates the hostname to an IP address and this is not the case on your Android device.

Otherwhise I can also use tailscale that give me a private IP to connect my Umbrel server, but as tailscale is also a VPN app on Android, is there a way to make both IVPN and tailscale working friendly together ?

On native Android OS, no, as it provides only a single interface reserved for VPN connections.

There can be only one VPN connection running at the same time. The existing interface is deactivated when a new one is created.

https://developer.android.com/reference/android/net/VpnService

On GrapheneOS, each user profile will have its own, separate VPN connection though as each acts like a separate phone. Having said that, you could have a dedicated profile created that can be used for accessing your local environment.

anthony-robin commented 4 months ago

Thank you very much for all your time explaining me how IVPN and DNS config works ❤️

Umbrel is a plug and play server that does not require any custom DNS configuration to be able to access it using http://umbrel.local and I can confirm you that my /etc/hosts config on macOS does not reference any tweaks for Umbrel.

I will keep experimenting your proposed strategies on Android, either by turning off IVPN or switching momentarily to tailscale to access my server. I haven't yet really experienced other profiles on GrapheneOS but it could be another idea :)

Thank you :)