Hello! New Vaultwarden user here, switching over from LastPass (I’m sure there are going to be a lot of us in the coming days/weeks).
I’ve spent most of this week researching/learning and getting everything set up. I’ve got VW running in the Docker container on my (on-prem) Linux server behind my Apache reverse proxy and everything seems to be working great (web vault, browser extensions, mobile apps, websocket notifications, e-mails, etc. etc.). I’m very impressed and am now wondering why I stuck with LP for so long (12 years!).
Anyway, the one thing I can’t quite figure out is why devices on my internal (home wireless) network all get logged as my router’s IP address (192.168.1.1). Not a huge deal, except I also set up fail2ban and a few times already accidentally ended up banning that IP and then all internal traffic to VW stopped working. Also, that IP shows up in e-mails like “a new device signed in.” Again, not a huge issue since it’s all internal, and external traffic (i.e., if I turn off WiFi on my phone) is all logged properly.
After researching in these forums and the internet at large I’ve tried playing around with the ip_header settings, between X-Real-IP and X-Forwarded-For and have the RequestHeader stuff in the Apache config, but just can’t seem to figure out the magic combination to get the actual device IP logged.
I’m wondering if it’s related to my network config. I have the (typical?) three VLAN setup (primary, guest, IoT) so I’m trying to look at all the various firewall rules on my ER-X from when I set this all up years ago to see if it’s something with NAT/hairpin, etc.
Any hints? And thanks!
### Your environment (Generated via diagnostics page)
* Vaultwarden version: v1.27.0
* Web-vault version: v2022.12.0
* Running within Docker: true (Base: Debian)
* Environment settings overridden: true
* Uses a reverse proxy: true
* IP Header check: true (X-Forwarded-For)
* Internet access: true
* Internet access via a proxy: false
* DNS Check: true
* Time Check: true
* Domain Configuration Check: true
* HTTPS Check: true
* Database type: SQLite
* Database version: 3.39.2
* Clients used:
* Reverse proxy and version:
* Other relevant information: