Cannot access server when I'm not using my VPN

As the title says, I can’t access my server unless my computer and server both are connected to my VPN. I noticed this when I was trying to install a Let’s Encrypt certificate for a domain and got Errno 22 “can’t access server through http”. I have this problem both with a noho.st subdomain and a domain name I own myself.

The debug message from the cert-install command tells me “domain IP from DNS” and “public IP from the server” are identical to each other, both when I’m on VPN and when I’m not. “domain IP from local DNS” on the other hand is different from both my VPN IP address and my normal IP address. It remains the same regardless of whether I’m connected to the VPN or not though.

Any ideas of what my problem could be? Hints of how to debug? What is a “local DNS” anyway?

Some new clues. Local DNS as I understand is for example when you have connected a particular IP to some domain name in /etc/hosts or in /etc/resolv.conf. In my .conf-file for OpenVPN there is an up and a down option that calls the script /etc/openvpn/update-resolv-conf. However, my resolv.conf is really simple, just this:

# Generated by resolvconf
nameserver 127.0.0.1

which doesn’t correspond to the local DNS IP I get from yunohost domain cert-install. (The one I get from there is always one owned by my VPN provider).

Does anyone else make use of the update-resolv-conf script? Has it caused trouble? I think it comes with the Debian version of OpenVPN.

Have you configured your VPN by hand or did you use the vpnclient app?

When you don’t use your VPN, did you configure your router with a DMZ / UPnP or port forwarding?

I don’t use the vpnclient app. I just installed OpenVPN and followed the instructions from my VPN-provider. Basically putting their .conf-file in the right place and enabling the service openvpn-client@conffile.service.

I have UPnP activated and reloaded the firewall after I closed down the VPN but the local DNS IP didn’t change.

Have you configured your router? It may not accept the UPnP protocol.

Yes, I have activated UPnP in the router settings.

Do you think I should try the vpn-client app instead? I could do it if there’s any point to it. I noticed the feature “Set DNS resolvers on the host”. It sounds kind of related to my problem.

No, your problem is not related to the DNS resolver.

nameserver 127.0.0.1

This file is ok, because dnsmasq should be running and be used as a partial dns resolver.

As the title says, I can’t access my server unless my computer and server both are connected to my VPN.

How do you access your server: with the IP (and which IP) or with the domain name?
A computer outside on the internet can’t access your server in that case?
Does your VPN have a public IP?

You should try by configuring a port forwarding or a DMZ on your router.

Maybe the router does hairpinning
https://yunohost.org/#/isp_box_config
https://yunohost.org/#/diagnostic

I’m accessing it through the domain name. Curiously enough, I can’t seem to access it with just the IP address now that I check. I have two domain names, one nohost.me address and one ordinary domain name. Both work when I’m connected to the VPN.

Yes, that’s right. When I’m using my computer on the same WiFi as the server but with VPN disconnected on the computer I can’t access it. I also can’t access it when using my mobile phone’s 4G internet.

This is interesting. I looked at their web page and it seems they have an additional service that I can subscribe to called “Public IPv4”. I don’t have it now. Does it mean they can block access to my server? They say that they don’t filter traffic in any way.

According to the first page, UPnP should be enough. I also don’t think that it’s hairpinning because I can’t access it from outside my home network either (tried it on my phone’s 4g).

I think I found the answer to the question about my VPN provider blocking the server. This is on their homepage:

And they won’t let me open ports below 49152. I guess that rules out using VPN unless I pay up (since I would need port 80 and 443 for http and https).

The problem still remains when I’m not using my VPN though. I shut down the VPN connection and reloaded the firewall. Still, it can’t be accessed. Trying to do a cert-install gives me the local DNS IP - domain ip from local DNS 127.0.0.1, which is different from before.

I will give port forwarding a shot and see if it makes any difference.

Ok, I guess I have it figured out now. Using manual port forwarding actually solved it. I don’t understand why UPnP didn’t work despite being activated. Thanks, @lfj, for the advice :grin:

You haven’t mentioned which VPN you are using. I think it’s a VPN issue due to which you cannot access the server. For LibreELEC, I am using Surfshark VPN and it’s the best LibreELEC VPN, so Surfshark will solve your issue as well.

Yes, it was my VPN. They were blocking all incoming ports. Solved by buying an additional service from them which allows me to use ports.

It’s surprising that a VPN is blocking a host server. I have been using PureVPN and its different VPN servers, and I didn’t face any issue like this yet; none of my servers conflict with each other.

Hi Poyu,
I was in trouble like you, but in the meantime I rectified the issue. I had a free VPN for China and the same issue was created. Paid VPNs give better service than free ones. If you have a paid VPN service, then there are no problems like this one.

@alicejosef, third post created, third about the same website.
Next time, you’re banned…