OctoPrint not accessible via VPN , port 443 and port 80 not reachable via VPN
OctoPi is accessible via SSH, I have a proper ping, port scan, and SSH with no problem , but no HTTP or smartphone app.
It seems like OctoPrint not allowing HTTP/HTTPS access from another source network, maybe firewall in OctoPI ?
no
How did you do your install and did you install the HAProxy?
Can you access it on the local lan using http and https?
It's working perfectly from lan, I didn't install a proxy.
It's normal to set up OpenVPN with a Tplink home router. The VPN is working fine with all devices in the home network, except the http interface of Octopus.
I can ping Octopi and scan all open ports, I can even do ssh from vpn.
When you access it from the LAN, what does the url look like?
Are you able to use https from the LAN? If yes, include both the url you use on the local LAN for HTTP and HTTPS.
Please respect the work that has gone into the free software you are using.
What ports are open?
Open ports from scanning are http, https, ssh . Exactly like its supposed to be
URL from LAN is "http://192.168.0.251/login/?redirect=%2F%3F&permissions=STATUS,SETTINGS_READ"
https://192.168.0.251/login/?redirect=%2F%3F&permissions=STATUS,SETTINGS_READ
If you did not install a proxy, on your OctoPrint device you should be required to use port 5000 on the local lan. I don't see that...
If the SSL(HTTPS) URL works on your lan, you must have installed a cert of some type. And again, will require a proxy like HA to make that work.
Maybe the install you used (Sounds like Octopi OS ) includes the proxy setup and you just are unaware of it.
When you say the ports are open for HTTP/HTTPS and SSH, are they open for all traffic or just specific IPs? Is there a screenshot of the rules you could share.
I am not sure if the firewall or proxy on the Pi can distinguish from an external network request or a direct LAN request. I don't think this is the issue but it might be something to look into.
In relation to the VPN setup, what type of Connection is being made. P2P or roadwarrior ?
How you are testing your VPN connection.
My best guess is that you likely have the VPN setup differently than you think or you are testing it in a way that it is not intended to work.
Also maybe gateway routing... If you don't have the proper gateway configured in your OctoPi network config, it might work local but not for a remote connection.
Maybe share your SystemInfo bundle, might be something in there that has value. Maybe in the tornado log.
Thanks , intresting, i have downloaded tornado logs, i can see VPN connection, successful get and post messages, you can see clearly difference In milliseconds between LAN and VPN connections.
I am testing that from my phone within the
octoprint-systeminfo-20240910171817.zip (38.5 KB)
OpenVPN VPN client via a cellular connection (obviously wifi is disabled)
I have some messages about proper gateway in logs, I will check it out
2024-09-10 17:18:05,011 - octoprint.plugins.networkhealth - INFO - Failed to determine default gateway; using 8.8.8.8 instead...
2024-09-10 17:18:05,025 - octoprint.plugins.networkhealth - ERROR - No Network Connection - Resetting Adapter(s)...
Checked, the gateway is good
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.0.1 0.0.0.0 UG 303 0 0 wlan0
192.168.0.0 0.0.0.0 255.255.255.0 U 303 0 0 wlan0
Ya.. that default gateway that it is using is going to be the issue I think. That "8.8.8.8" is google's DNS Service. So that is not going to work. It should be using your internal LAN gateway IP for your router.
You may want to also try disabling the "network health" plugin to see if that helps. It looks like it might be crashing in some way and causing a network reset. Likely dropping connections or worse.
Your gateway looks to be 0.0.0.0
That is likely why its throwing the error and then crashing.
If you are on the same network, in a standard ad-hoc home network the gateway will not matter much.. you will connect direct to each other. But once you are coming from out side the router.. like you are with the VPN, you need a gateway.
8.8.8.8 i use for dns, where did you see it used as gateway? In logs?
You posted it but it's in the log file.
INFO - Failed to determine default gateway; using 8.8.8.8 instead
If you are using DHCP From your router, you should check that config. If you are using a static locally configured IP, you likely did not configure a gateway.