[Local Bridge] Services on server machine not accessible by VPN clients
Posted: Sat Apr 12, 2025 11:01 am
Hi everyone
I'm experiencing strange behavior with built-in Local Bridge when services that run on the same machine as the server are available to all local users, but are not available to VPN clients.
So the setup is like this:
192.168.1.1 - DHCP/DNS/Gateway machine
192.168.1.244 - Raspberry with SE server with local bridge enabled and, say, nginx/iperf started
VPN clients use 192.168.1.1 as default gateway, so all traffic goes through it
Any local machine can access nginx/iperf perfectly fine, but no VPN client can. However, VPN clients can access 192.168.1.1 and any other machine in the LAN. So it appears as if the SE server machine is isolated from its own clients. But(!), if I enable a tap bridge on the same HUB as the local bridge and assign an IP with ifconfig (say 192.168.1.245), then the issue is solved: both local and remote clients can access services on 192.168.1.244 (and also on the Raspberry's domain name, so mDNS/avahi also works).
Reproduced both on Stable 4.43 and Dev 5.02. No Docker, no VM
I also have another Windows machine with the same setup on Stable 4.38 and the problem is basically non-existent there. What I mean by that is that services that are being run on the Windows machine are accessible by both local and VPN clients, but the speed to those services is lower than to the services beyond that machine(!). Yes, that's correct. I see 10-20mbit with iperf/SMB from the SE server to a VPN client, but I can see 50+ from speedtest, while traffic goes through this same server.
I'm not sure whether those are two separate issues or whether there is a problem in the local bridge itself. Or maybe that's loop prevention of some sort.
TLDR:
I need a setup with server with local bridge and 3rd party services on the same machine to be accessible both to local and remote clients.