On Premise BitWarden using Static Internal IP is inaccessible from within LAN

Hello all,

I have successfully installed BitWarden on a VM, but instead of assigning it a domain name or Public IP, I assigned it a static IP within my LAN. The reason I did this is because I only need to be able to access it from within my LAN. The issue, however, is after BitWarden says it has successfully started and is running, I cannot connect to it using the static LAN IP I gave it during setup. For example, BitWarden starts, and then says I can visit it at the internal LAN IP I assigned it (say 192.168.x.xxx). However, when I go to that IP while in my network, nothing pulls up. I am running my network through a pfSense firewall and am wondering if I need to make a rule to allow HTTTPS (443) connections to that specific LAN IP.

Any ideas on what I need to do to be able to access my BitWarden install from within my LAN? Any help is much appreciated.


I have the same issue… I would only want to access my on-premise vault from within the LAN and VPN to my LAN from outside.

For now, on Android app I can only access trought Internet, and NATed ports from outside. Without them, I cannot access.

I manage my DNS, so I’m accessing the vault using the same external FQDN (Not IP).

Any ideas or guides would be much appreciated.


I´m succesfully using Bitwarden from inside my LAN, and only accesing the on-premise via VPN, and not opened or natted to public Internet.

The installation was a request to open NAT ports to install it, but after install I closed the natted ports and assign a Static DNS in my router, assigning the local IP to the public domain.

On the Android phone that I was troubled, it result that my phone did not honor my local DNS provided by DHCP server, so it was looking for a public IP address when looking for domain. I trick the DNS port 53 with the firewall and redirected all traffic to my local DNS server. Now is working Ok.

Good luck!

Making a guess here, but I assume your system does not recognize the CA for your HTTPS instance?