Accessing local network through VPN on iPhone

Alright so I’m trying to access stuff on my home network while I’m away. I have a UDM Pro. I had this working at one time, but I haven’t needed to use it in a while. Today, I go to connect using my typical L2TP configuration, and it connects just fine. The problem is that (even though “Send All Traffic” is enabled), it seems to still connect to stuff locally, not through the VPN. I don’t know if it’s falling back to local or something, or if it’s simply not trying to tunnel. I also tried WireGuard and Teleport to no avail. I can access the VPN’s gateway (192.168.3.1), but not anything on 192.168.1.x through any of the connections. Last time I tried it on my laptop, it worked as expected. Anyone else have this experience on iPhone?

Edit:
Ok so I figured out some of my problems. It turns out that my L2TP and Teleport connections were working properly. I tried them on cellular when I was able to get service and they worked just fine. My WireGuard connection, on the other hand, was not. Apparently, I created my WireGuard one before an update that requires it to be on a port >1000, so mine just stopped working. I created a new one, edited my config like u/the_cainmp suggested (thank you!), and now that’s working just fine too. The problem with the iPhone on WiFi still remains, though. I’ll update here when I figure it out just in case someone else is experiencing this.

I have not really had trouble with Teleport and the default setup before. Is it possible all of your VPN traffic is being sent to its own VLAN, and firewall rules are stopping connection to your LAN zone? The other thing that happened once was I had a policy registered that blocked SSH externally, which gave me issues for a while until I looked at the blocked traffic log and realized the rules were doing exactly what they were supposed to do.

I use WireGuard with my iPhone and UDM Pro and have no issues… I can ping every device and open pages etc.

For WireGuard I had to modify the downloaded config file to hit any local resources. Otherwise it would just connect for Internet access only.

That’s a good thought. I checked earlier whether or not it was all being sent to a VLAN, but I don’t have any that it would go to. I’m 99% sure I had some VLAN specifically for remote traffic at one point, but it’s not there anymore lol. I’ll look into that stuff some more. Thanks for your suggestions.

Interesting. Are you just using the configuration they give you? No changes to anything?

Yeah, I thought that might be a thing. I don’t have access to a computer right now to modify the file itself, but I assume you’re talking about AllowedIPs? There’s an option to configure that in the WireGuard app, and I’ve set 0.0.0.0/0 in there, but I still can’t access my local stuff. Is that what you had to do?

Yes, QR code scan and go

Yes you have to modify that. I ended up putting all of my local subnets in in addition to 0.0.0.0/24 at the end.

Alright I stuck my subnets in there but it seems that I have something more going on. I’ll keep cracking away at it! Thanks for the help

Mine for example looks like:

192.168.15.0/24, 192.168.20.0/24, 0.0.0.0/0
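Added example (editor's addition, not code from anyone in this thread): in WireGuard, AllowedIPs is both the cryptokey routing table and the set of routes the client installs, so a destination that falls outside every AllowedIPs entry is never sent into the tunnel, no matter what the server side allows. The script below parses a constructed client config (placeholder keys and endpoint; 192.168.3.x is the VPN subnet mentioned above, 192.168.1.0/24 the LAN), answers "would this destination go through the tunnel?", and shows two ways LAN access silently breaks: a too-narrow entry such as 0.0.0.0/24 (only 256 addresses) instead of 0.0.0.0/0, and a client rewriting 0.0.0.0/0 to skip RFC 1918 space (what an "exclude private IPs" option does). It also rewrites the AllowedIPs line the way the comment above describes.

```python
import ipaddress
from typing import List

# Constructed sample of a WireGuard client config as a router export might look.
# Keys and endpoint are placeholders; 192.168.3.x is the VPN subnet named in the thread.
SAMPLE_CONFIG = """\
[Interface]
PrivateKey = <client-private-key>
Address = 192.168.3.2/32
DNS = 192.168.3.1

[Peer]
PublicKey = <server-public-key>
AllowedIPs = 0.0.0.0/0
Endpoint = vpn.example.com:51820
PersistentKeepalive = 25
"""

# RFC 1918 ranges, used to mimic a client-side "exclude private IPs" rewrite.
RFC1918 = [ipaddress.ip_network(c) for c in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_allowed_ips(config_text: str) -> List[ipaddress.IPv4Network]:
    """Collect every network listed on AllowedIPs lines (all [Peer] sections)."""
    nets = []
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line.lower().startswith("allowedips"):
            continue
        _, _, value = line.partition("=")
        for cidr in value.split(","):
            cidr = cidr.strip()
            if cidr:
                nets.append(ipaddress.ip_network(cidr, strict=False))
    return nets


def routed_via_tunnel(dest: str, allowed) -> bool:
    """True if WireGuard would send packets for dest into the tunnel."""
    addr = ipaddress.ip_address(dest)
    return any(addr.version == net.version and addr in net for net in allowed)


def exclude_private(allowed):
    """Subtract RFC 1918 space from each IPv4 AllowedIPs entry (mimics 'exclude private IPs')."""
    result = []
    for net in allowed:
        if net.version != 4:
            result.append(net)
            continue
        pieces = [net]
        for priv in RFC1918:
            nxt = []
            for p in pieces:
                if p.subnet_of(priv):
                    continue  # entirely private: drop it
                if priv.subnet_of(p):
                    nxt.extend(p.address_exclude(priv))  # carve the private block out
                else:
                    nxt.append(p)
            pieces = nxt
        result.extend(pieces)
    return sorted(set(result), key=lambda n: (n.version, int(n.network_address), n.prefixlen))


def set_allowed_ips(config_text: str, cidrs) -> str:
    """Return the config with every AllowedIPs line replaced by the given CIDR list."""
    value = ", ".join(str(ipaddress.ip_network(c, strict=False)) for c in cidrs)
    out = []
    for raw in config_text.splitlines():
        if raw.split("#", 1)[0].strip().lower().startswith("allowedips"):
            out.append(f"AllowedIPs = {value}")
        else:
            out.append(raw)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    nets = parse_allowed_ips(SAMPLE_CONFIG)
    for dest in ("192.168.1.10", "192.168.3.1", "8.8.8.8"):
        print(f"{dest:>14} full tunnel: {routed_via_tunnel(dest, nets)}")
        print(f"{dest:>14} 0.0.0.0/24 : {routed_via_tunnel(dest, parse_allowed_ips('AllowedIPs = 0.0.0.0/24'))}")
        print(f"{dest:>14} no-private : {routed_via_tunnel(dest, exclude_private(nets))}")
    print(set_allowed_ips(SAMPLE_CONFIG, ["192.168.1.0/24", "192.168.3.0/24", "0.0.0.0/0"]))
```

Running it shows that with 0.0.0.0/0 the LAN host, the VPN gateway and a public address all enter the tunnel; with 0.0.0.0/24 none of them do; and after the private ranges are excluded, only the public address does. Listing the home subnets explicitly next to 0.0.0.0/0 is harmless and makes the intent obvious when reading the config on the phone.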