Android App and Tailscale

I set up remote access to my openhab installation using the tailscale client built in openhabian.
I also use for push notification - and just for that.

I made sure that the openhab host is reachable under the same IP in the local network as when connected via VPN (by defining a route to my local network). Connectivity has been tested via browser.
The App is configured with the local IP as local connection and plus credentials for remote access.

Now the app is not able to connect to the openhab instance when connected via VPN unless I am connected to another WiFi network that the android system treats as a local connection.
I guess that there is some kind of logic in the app that checks for non mobile connections and - if connected - uses the local settings. The tailscale VPN connection is somehow not considered as such.

So here are my questions:

  • Has anyone a similar setup and found a workaround?
  • Would it be a good idea to make the Apps behavior in this case a bit more configurable (like: try ping the local host instead of checking the connection type…)

So you’re using for notifications and a different connection for remote access. I cannot remember that I’ve seen this before.

Strange, the VPN should be treat as local connection. Is there any error message?
Can you post the log of the app after trying to connect to the local server over VPN?

No error message regarding the local connection - just the socket timeout from trying to connect to the sitemap api of (which of course doesn’t work if you have just enabled notifications)
It very much looks like the app doesn’t try the local connection at all…

I also tried the same setup without specifying a remote access url.
And I also came up with the idea of specifying the VPN IP as remote access again but that’s not possible since app input field verification ensures https…

I’d suggest a checkbox with “try local connection first even if you think it’s not reachable”

The solution here isn’t adding a new preference.

This is done for security reasons, but you could use port 8443 on openHAB, it’s https.

Could you try the following workaround:

  • Server A with local (real local) and remote (VPN) connection
  • Server B with remote (myopenhab) connection only. Make this server the primary one.

With that you should receive push notifications, but still are able to use the server remotely.

That actually works!

Thanks a lot, I would never have come to that solution.

So as for multiple servers, the app tries to keep the connection to ALL configurations - not just one?

Minor inconvenience: app complains it can’t subscribe for notifications when connected to vpn. I suppose that’s because there is no notification API at the local (tunneled) openhab instance…

Sorry, I missed your answer.

The app uses the “primary server” for some features, e.g. push notifications. For other things like displaying sitemaps the current server is used, which can be changed in the side menu.