[GH-ISSUE #3083] Private HTTP resource - Windows Client #17289

New Issue

Open

opened 2026-05-18 17:46:49 -05:00 by GiteaMirror · 13 comments

GiteaMirror commented 2026-05-18 17:46:49 -05:00

Owner

Copy Link

Originally created by @cdodd592 on GitHub (May 15, 2026).
Original GitHub issue: https://github.com/fosrl/pangolin/issues/3083

Describe the Bug

Please see discussion #3051 for details.

When using pangolin client V 0.10.2 (GUI version) the windows machine cannot reach private resources when on a LAN. Other devcies on lan such as MAC laptop and phone are able to access the private resouece.

Environment

• OS Type & Version: Ubuntu 24.04.3 LTS
• Pangolin Version: V1.18.3 --> running on a IONOS VPS
• Gerbil Version:1.4.0
• Traefik Version:v3.6.12
• Newt Version: v1.12.5

To Reproduce

When i do a nslookup on windows pc it shows the following:

server:unknown
Address:IP of my internal DNS server

Non authoritive answer:
name:[domain name of resource]
address:public ip of my VPS where pangolin is running

When i do a curl from my windows PC i get 404 page not found - same error message if i try to browse to the resource via the domain

Expected Behavior

i should be able to access the private resource when the Pangolin client is running.

Originally created by @cdodd592 on GitHub (May 15, 2026). Original GitHub issue: https://github.com/fosrl/pangolin/issues/3083 ### Describe the Bug Please see discussion #3051 for details. When using pangolin client V 0.10.2 (GUI version) the windows machine cannot reach private resources when on a LAN. Other devcies on lan such as MAC laptop and phone are able to access the private resouece. ### Environment - OS Type & Version: Ubuntu 24.04.3 LTS - Pangolin Version: V1.18.3 --> running on a IONOS VPS - Gerbil Version:1.4.0 - Traefik Version:v3.6.12 - Newt Version: v1.12.5 ### To Reproduce When i do a nslookup on windows pc it shows the following: server:unknown Address:IP of my internal DNS server Non authoritive answer: name:[domain name of resource] address:public ip of my VPS where pangolin is running When i do a curl from my windows PC i get 404 page not found - same error message if i try to browse to the resource via the domain ### Expected Behavior i should be able to access the private resource when the Pangolin client is running.

GiteaMirror commented 2026-05-18 17:46:50 -05:00

Author

Owner

Copy Link

@AstralDestiny commented on GitHub (May 15, 2026):

If you nslookup a private resource what does it show? It should show like the ip to be 100.96.128.1 or so. Does the client say connected or registering?

<!-- gh-comment-id:4460539329 --> @AstralDestiny commented on GitHub (May 15, 2026): If you nslookup a private resource what does it show? It should show like the ip to be 100.96.128.1 or so. Does the client say connected or registering?

GiteaMirror commented 2026-05-18 17:46:50 -05:00

Author

Owner

Copy Link

@cdodd592 commented on GitHub (May 15, 2026):

When i do a nslookup on windows pc it shows the following:

server:unknown
Address:IP of my internal DNS server

Non authoritive answer:
name:[domain name of resource]
address:public ip of my VPS Server where pangolin is running

When i do a curl from my windows PC i get 404 page not found - same error message if i try to browse to the resource via the domain

When i do the nslookup on my apple MAC laptop that is able to access the private resource when usingt he pangolin client it shows the ip as 100.96.128.1

Looking at the logs i can see the following

2026-05-10 13:59:23.000 [INFO] Set DNS servers: [100.96.128.1]
2026-05-10 13:59:26.000 [INFO] Adjusted peer 1 to point to relay!
2026-05-10 13:59:31.000 [INFO] WireGuard connection to site 2 is CONNECTED (RTT: 5.2035647s)
2026-05-10 13:59:31.000 [INFO] WireGuard connection to site 1 is CONNECTED (RTT: 74.1616ms)

<!-- gh-comment-id:4460626713 --> @cdodd592 commented on GitHub (May 15, 2026): When i do a nslookup on windows pc it shows the following: server:unknown Address:IP of my internal DNS server Non authoritive answer: name:[domain name of resource] address:public ip of my VPS Server where pangolin is running When i do a curl from my windows PC i get 404 page not found - same error message if i try to browse to the resource via the domain When i do the nslookup on my apple MAC laptop that is able to access the private resource when usingt he pangolin client it shows the ip as 100.96.128.1 Looking at the logs i can see the following 2026-05-10 13:59:23.000 [INFO] Set DNS servers: [100.96.128.1] 2026-05-10 13:59:26.000 [INFO] Adjusted peer 1 to point to relay! 2026-05-10 13:59:31.000 [INFO] WireGuard connection to site 2 is CONNECTED (RTT: 5.2035647s) 2026-05-10 13:59:31.000 [INFO] WireGuard connection to site 1 is CONNECTED (RTT: 74.1616ms)

GiteaMirror commented 2026-05-18 17:46:50 -05:00

Author

Owner

Copy Link

@LaurenceJJones commented on GitHub (May 15, 2026):

So the problem is more pointing towards that windows is not respecting the dns server change.

Have you configured an override via the network settings to point towards an internal DNS server instead of relying on DHCP from your router?

<!-- gh-comment-id:4460672538 --> @LaurenceJJones commented on GitHub (May 15, 2026): So the problem is more pointing towards that windows is not respecting the dns server change. Have you configured an override via the network settings to point towards an internal DNS server instead of relying on DHCP from your router?

GiteaMirror commented 2026-05-18 17:46:51 -05:00

Author

Owner

Copy Link

@cdodd592 commented on GitHub (May 15, 2026):

So the problem is more pointing towards that windows is not respecting the dns server change.

Have you configured an override via the network settings to point towards an internal DNS server instead of relying on DHCP from your router?

yes it seems that is the problem.

When i set the DNS in the pangolin client under primary upstream DNS server to 100.96.128.1 i get the same eg i cannot access the private http resource.

when the Pangolin client is active if i go into network settings and manually set DNS to 100.96.128.1 i am able to access the private resource as well as still access websites such as Amazon etc

What is stranger is if i disable my ethernet NIC and connect my PC to phone hotspot so it is using 4g via my phone, once pangolin client is enabled it is able to get to the private http resource fine and nslookup shows the expected 100.96.128.1 as the address

I have also tried disabling norton firewall and windows firewall incase that was causing issues and that makes no difference

<!-- gh-comment-id:4460829767 --> @cdodd592 commented on GitHub (May 15, 2026): > So the problem is more pointing towards that windows is not respecting the dns server change. > > Have you configured an override via the network settings to point towards an internal DNS server instead of relying on DHCP from your router? yes it seems that is the problem. When i set the DNS in the pangolin client under primary upstream DNS server to 100.96.128.1 i get the same eg i cannot access the private http resource. when the Pangolin client is active if i go into network settings and manually set DNS to 100.96.128.1 i am able to access the private resource as well as still access websites such as Amazon etc What is stranger is if i disable my ethernet NIC and connect my PC to phone hotspot so it is using 4g via my phone, once pangolin client is enabled it is able to get to the private http resource fine and nslookup shows the expected 100.96.128.1 as the address I have also tried disabling norton firewall and windows firewall incase that was causing issues and that makes no difference

GiteaMirror commented 2026-05-18 17:46:52 -05:00

Author

Owner

Copy Link

@AstralDestiny commented on GitHub (May 15, 2026):

Are you populating the dns tunnel settings? or something odd?

<!-- gh-comment-id:4460897780 --> @AstralDestiny commented on GitHub (May 15, 2026): Are you populating the dns tunnel settings? or something odd?

GiteaMirror commented 2026-05-18 17:46:52 -05:00

Author

Owner

Copy Link

@AstralDestiny commented on GitHub (May 15, 2026):

Ouch you have norton in 2026?

<!-- gh-comment-id:4460899643 --> @AstralDestiny commented on GitHub (May 15, 2026): Ouch you have norton in 2026?

GiteaMirror commented 2026-05-18 17:46:53 -05:00

Author

Owner

Copy Link

@cdodd592 commented on GitHub (May 15, 2026):

Below are the settings that i am setting in the app, these are the same across all my devices i am testing it with (windows PC, Apple MAC, android phone)

<!-- gh-comment-id:4460994426 --> @cdodd592 commented on GitHub (May 15, 2026): Below are the settings that i am setting in the app, these are the same across all my devices i am testing it with (windows PC, Apple MAC, android phone) <img width="576" height="593" alt="Image" src="https://github.com/user-attachments/assets/95c618bf-fedb-4131-a595-40200351b38f" />

GiteaMirror commented 2026-05-18 17:46:53 -05:00

Author

Owner

Copy Link

@AstralDestiny commented on GitHub (May 15, 2026):

Loz was asking if you define your local dns server via windows directly or via your router pushing the config to windows.

<!-- gh-comment-id:4461022363 --> @AstralDestiny commented on GitHub (May 15, 2026): Loz was asking if you define your local dns server via windows directly or via your router pushing the config to windows.

GiteaMirror commented 2026-05-18 17:46:54 -05:00

Author

Owner

Copy Link

@cdodd592 commented on GitHub (May 15, 2026):

Router pushes it out to clients. I am running a technium DNS server on the network.

<!-- gh-comment-id:4461041298 --> @cdodd592 commented on GitHub (May 15, 2026): Router pushes it out to clients. I am running a technium DNS server on the network.

GiteaMirror commented 2026-05-18 17:46:54 -05:00

Author

Owner

Copy Link

@AstralDestiny commented on GitHub (May 15, 2026):

nslookup <private resource> 100.96.128.1

<!-- gh-comment-id:4461094504 --> @AstralDestiny commented on GitHub (May 15, 2026): ``nslookup <private resource> 100.96.128.1``

GiteaMirror commented 2026-05-18 17:46:55 -05:00

Author

Owner

Copy Link

@LaurenceJJones commented on GitHub (May 15, 2026):

Could you enable logging within preferences, disconnect and reconnect to the tunnel and provide those logs to laurence @ pangolin.net

<!-- gh-comment-id:4461727424 --> @LaurenceJJones commented on GitHub (May 15, 2026): Could you enable logging within preferences, disconnect and reconnect to the tunnel and provide those logs to `laurence` `@` `pangolin.net`

GiteaMirror commented 2026-05-18 17:46:56 -05:00

Author

Owner

Copy Link

@cdodd592 commented on GitHub (May 15, 2026):

nslookup <private resource> 100.96.128.1

When i do this it shows the following:

Server: unknown
Address: 100.96.128.1

Name: [private http domain]
address:100.96.128.8

<!-- gh-comment-id:4462271028 --> @cdodd592 commented on GitHub (May 15, 2026): > `nslookup <private resource> 100.96.128.1` When i do this it shows the following: Server: unknown Address: 100.96.128.1 Name: [private http domain] address:100.96.128.8

GiteaMirror commented 2026-05-18 17:46:56 -05:00

Author

Owner

Copy Link

@cdodd592 commented on GitHub (May 15, 2026):

@LaurenceJJones i have just emailed you the logs

<!-- gh-comment-id:4462319274 --> @cdodd592 commented on GitHub (May 15, 2026): @LaurenceJJones i have just emailed you the logs

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

rdp-ssh

dependabot/npm_and_yarn/prod-patch-updates-94425a55d0

dependabot/npm_and_yarn/dev-minor-updates-4aaf4dbce4

dependabot/go_modules/install/minor-updates-a249525a56

crowdin_dev

auto-update

dev

fix-site-delete

fix-3104

exit-node-reconnect

fix-logoUrl

button-to-rebuild-association

dependabot/npm_and_yarn/brace-expansion-5.0.6

copilot/fix-documentation-input-output-types

dependabot/github_actions/sigstore/cosign-installer-4.1.2

redis

resource-policies

dependabot/npm_and_yarn/next-15.5.18

dependabot/npm_and_yarn/fast-uri-3.1.2

s3

dependabot/npm_and_yarn/fast-xml-builder-1.2.0

dependabot/npm_and_yarn/axios-1.15.2

dependabot/npm_and_yarn/next-intl-4.9.2

dependabot/docker/node-26-alpine

dependabot/docker/docker/library/node-26-slim

dependabot/npm_and_yarn/multi-7bdfbe8666

dependabot/npm_and_yarn/multi-d2fd79378c

dependabot/npm_and_yarn/uuid-14.0.0

dependabot/npm_and_yarn/postcss-8.5.10

dependabot/github_actions/actions/setup-node-6.4.0

dependabot/npm_and_yarn/next-16.2.1

dependabot/npm_and_yarn/recharts-3.8.1

cross-org-idp

breakout-sites-tables

ssh

delete-account

msg-delivery

org-only-idp

cicd

patch

site-targets-auto-login

1.18.4

1.18.3

1.18.2

1.18.1

1.18.0

1.18.0-rc.0

1.17.1

1.17.0

1.17.0-rc.0

1.16.2

1.16.1

1.16.0

1.16.0-rc.0

1.15.4

1.15.3

1.15.2

1.15.1

1.15.0

1.15.0-rc.0

1.14.1

1.14.0

1.14.0-rc.0

1.13.1

1.13.0

1.13.0-rc.0

1.12.3

1.12.2

1.12.1

1.12.0

1.12.0-rc.0

1.11.1

1.11.0

1.10.3

1.10.2

1.10.1

1.10.0

1.9.4

1.9.3

1.9.2

1.9.1

1.9.0

1.8.0

1.7.3

1.7.2

1.7.1

1.7.0

1.6.2

1.6.1

1.6.0

1.5.1

1.5.0

1.4.0

1.3.2

1.3.1

1.3.0

1.2.0

1.1.0

1.0.1

1.0.0

1.0.0-beta.15

1.0.0-beta.14

1.0.0-beta.13

1.0.0-beta.12

1.0.0-beta.11

1.0.0-beta.10

1.0.0-beta.9

1.0.0-beta.8

1.0.0-beta.7

1.0.0-beta.6

1.0.0-beta.5

1.0.0-beta.4

1.0.0-beta.3

1.0.0-beta.2

1.0.0-beta.1

Labels

Clear labels

api

authentication

bug

config

dependencies

docker

documentation

enhancement

good first issue

help wanted

Improvement

Look Into

needs investigating

networking

new feature

non-critical bug

potential bug

pull-request

Mirrored from GitHub Pull Request

question

reverse proxy

Security

stale

ui

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/pangolin#17289