Tunnel to private networks not working on phone, works on PC

Related to

WARP

What is the issue you’re encountering

I have a tunnel configured on a Raspberry Pi running cloudflared. I have configured a public hostname to access a Home Assistant instance, and routes to 0.0.0.0/0 and ::/0, so that all IPv4 and IPv6 traffic will go through the tunnel. This setup was working correctly, and I could access the internet and the two LANs the Pi is connected to (192.168.1.0/24 and 192.168.0.0/24) from various devices. However, it has stopped working correctly from my phone when using either mobile data or a WiFi network; I can access the Internet and traffic is being routed through the tunnel, but if I try to access devices on those LANs I get connection refused errors. The public hostname, which points to a port on the Pi itself (with an IP on one of those LANs), works correctly. The interesting thing is that everything works as expected on my laptop if I connect to a WiFi network or even share the phone’s mobile data, so it seems obvious there’s some issue with the phone’s settings, but I haven’t touched anything.

Just in case, even though you’ve mentioned “either mobile data”, are WiFi and wired on the same subnet or different ones? :thinking:

Since you’ve bound it to 0.0.0.0, are you routing your tunnel as DNS with a public hostname? :thinking:

Using 1.1.1.1 or some other DNS servers, or maybe WARP?

If you’re not using WARP, at first I thought it might be about TLS decryption or the fact you’d have to install the certificate on your mobile device; however, it might not be the case then.

I also use it, for HDL; however, it’s bound to the local IP such as 192.168.xx.xx instead. WiFi and wired are on the same subnet at my home. I can access it from outside as well, I just need an internet connection (although HDL even has a public static IP, firewalled, in case I cannot go over a tunnel from HA).