Can't use the OpenHAB App via VPN

Hey there

I found a strange behavior with the OpenHAB App for Android: I can’t use it. It shows an Error as you can see below

Screenshot_20200903-1715231440×3120 272 KB

I can

• connect to openhab via Google chrome and open the sitemap
  
  

  Screenshot_20200903-1709481440×3120 412 KB
• open grafana on port 3000
• access everything just normal via chrome on port 8080
• see the log on port 9001
• connect to openhab via mobile data and the OpenHAB cloud in the app

I cant

• connect to openhab via mobile data or wifi via vpn in the app

In the screenshot you can see on the bottom that it trys to connect to openhab. However openhab does have a problem as error code 500 means internal server error.

There are no log entries in either logfile regarding this issue.

The vpn is setup in a Fritz box manufactured by AVM. It is not configured to block anything and any other traffic (to the LAN or the internet) works just fine.

Any ideas or things I should test?

Greetings
Felix

You have to configure an own ip for remote access via vpn in the app

Where can I set the IP? I cant find the setting

We are talking about the IP of the smartphone, not the one of the OpenHAB server, right?

Go one Menu back
The Menu-Entry is called “Fernzugriff”
I have configured here the same IP as at the local entry

20200903_1801461080×1846 257 KB

I see… That’s where I put in the myopenhab details…
So there are 3 connections possible

1. Wifi LAN
2. VPN
3. Openhab cloud for example via mobile data.

If I change the “Fernzugriff” Settings then the 3rd connection wouldn’t work if I don’t want to connect to vpn.

Shouldn’t there be three settings depending on the state of the connection. Since the app sees that it is connecting via vpn this should be possible.

@rlkoshak would you be so kind to tag an android app maintainer to discuss this further? I don’t know the names ^^

@mueller-ma, though he’s pretty active on the forums and probably would have seen without the tag.

No, if you are connected via VPN you are already part of your LAN, so 1 + 2 are the same.
OpenHAB cloud would be the real “Fernzugriff”.

I just tested on my smartphone both VPN possibilities, the VPN provided by the MyFritzApp ( “Heimnetz”) and the VPN connection which is setup manually in the FritzBox GUI.
Using the autocreated VPN by the MyFritzApp the openHAB App tried to do a remote connection, in other words the VPN was not detected/used. Using the manually created VPN it worked as expected and it connects to the local IP.
@Felix_Schneider Which VPN do you use?

Yes, however when in vpn I get the error shown in my original post

This works? I use the manual connect set up in the Fritzbox GUI and use the Android vpn setting. This is not working for me resulting in the error shown in my original post.

In the logs I can see that the app is seeing that I am using a vpn. Dou you need the whole log?

Sorry, but I personally can’t even tell on my logs where the connection is made.

Are you using the beta version of the app? That would be a difference to my setup. IMHO the VPN setup should be OK, since the connection via browser works.

No, there shouldn’t be one setting per connection type, but only two: local and remote. VPN is treat as local connection.
Otherwise you would also need a setting for Wi-Fi aware, ethernet and bluetooth tethering

@Felix_Schneider Can you post the log of the app when trying to connect over VPN? Please turn on debug logging before trying (“Erweiterte Fehlermeldungen”).

I get mails for all posts in the Android App category.

I guess the VPN via the App will not work, I found following:
Über das Internet können Sie bequem auf alle FRITZ!-Produkte in Ihrem Heimnetz mit der MyFRITZ!App für Android zugreifen, egal, ob es sich um eine zusätzliche FRITZ!Box, einen FRITZ!Repeater oder FRITZ!Powerline-Adapter handelt. Die MyFRITZ!App für Android installieren Sie einfach auf Ihrem Smartphone oder Tablet. Anschließend können Sie in der MyFRITZ!App unter “Heimnetz” eine VPN-Verbindung zu Ihrer FRITZ!Box herstellen und die Benutzeroberflächen der anderen FRITZ!-Produkte aufrufen.

Understood, however using the VPN of the App a connection to openHAB via the local IP is possible ( hence matching the initial description).

Screenshot_20200904-1528491440×3120 351 KB

The log file is too long to paste in so here it is:
untitled.txt (56.2 KB)

For testing, does using http on port 8080 work any better? The stacktrace points towards some HTTPS-to-HTTP proxying going on.

Yes port 8080 works (with VPN).

However it says that is using the Remote-URL. So I changed the email address in the “Fernzugriff”-Settings and then it didn’t work. So the connection works however it is via the internet which is kind of pointless when using a vpn.
It is no problem for me as the connection via the cloud works just fine but for someone who want to use the vpn for access from outside the LAN this might be problematic.

I assume the quoted part is for the broken https case? If so, it makes sense: the app will try the local connection via VPN first (but gets error 403), and as next fallback tries the remote connection. If the local connection via VPN works it will use just that (I happen to use the app that way).

So https local access works in the local WiFi? If yes, the problem resides somewhere in the server, which for some reason sends HTTP response 403 (forbidden) in the VPN case.

Yes https access ( I assume this is given by port 8443) works. So the problem is that the vpn local connection doesn’t work. Any idea on how to fix this?

So I use port 8080 for lan Access. This is not beautiful but since it is only in my LAN I can live with it.

Unfortunately not I just tried it here (using the latest beta version and server 2.5.8), accessing the server via FritzBox VPN (manually configured in Android, no Fritz app involved): it works just fine, connecting to https via local connection