I’ve installed StartOS onto a generic mini-PC with AMD Ryzen 7 Eight Core Processor 8845HS, 32GB PCS PRO SODIMM DDR5 4800MHz and 2TB CORSAIR CORE XT MP600 NVMe PCIe M.2 SSD. The box is now connected via ethernet to my router and I can connect reliably using the StartOS-assigned URL from my Android phone and Apple iPad, both using Chrome. Both are running McAfee anti-virus and firewall, and Surfshark VPN in the background.
I’m also connecting on a WIndows 11 laptop via Chrome browser with same services from McAfee, Surfshark and Chrome. I can connect reliably using the server’s IP address, but connection using the URL is flaky and random. It has worked, once when I stopped then started the StartOS box, but not properly since.
What is it about the Windows 11 connection? I’ve gone through the bonjour routine, including re-installing bonjour. I can see the certificate is trusted in both Windows and Chrome settings. In Active Sessions on StartOS I can see iPad and Android sessions, but my laptop using the IP address just shows as Unknown Device. Is it hign risk connecting using the IP address?
The issue with your Windows 11 connection to the StartOS URL seems related to how mDNS (multicast DNS) functions in your network. StartOS uses mDNS for assigning and resolving its URL (like some-name.local), but there are common challenges on Windows due to the following factors:
Bonjour Service: Windows requires Apple’s Bonjour service to handle .local addresses. If the Bonjour installation isn’t fully functional or your network configuration interferes with it, resolving the StartOS URL will fail. While you’ve reinstalled Bonjour, ensure it is running correctly. You can check the “Services” app in Windows to confirm that the Bonjour service is active and try to reinstall again. Here is our doc and link to file.
Firewall Settings: McAfee antivirus or firewall may block mDNS traffic or interfere with Bonjour communication. Check McAfee settings and allow mDNS or Bonjour traffic explicitly.
VPN Interference: VPNs like Surfshark often block local network traffic, including mDNS, by default. On your Windows 11 device, check if Surfshark has a setting like “Allow LAN connections” or “Bypass LAN traffic.” Enabling this can resolve the issue.
Connecting via IP Address
Using the IP address to connect is a practical workaround, and while it is not as user-friendly, it isn’t inherently risky, especially if you’re using a trusted network. However, connecting by IP bypasses the TLS certificate validation tied to the URL, meaning your connection won’t show as “secure” in the browser. While this is typically fine for personal, trusted setups, relying on the .local URL ensures full TLS encryption and security validation.
I’ve gone through everything you’ve suggested. Bonjour service is running fine. I had already gone through the Common Issues doc and have double-checked everything.
mDNS is allowed explicitly in Firewall Settings, for both public and private. Bonjour is too but only for private, and it appears twice (maybe as a result of re-install?). However, a Surfshark line appears too as ‘Surfshark Block All IPv6’. Would that cause a problem?
I had already added a bypass in Surfshark for my server URL. I’ve tried adding another for the IP address too but it has made no difference.
I changed my network from Public to Private too and that has made no difference.
In Chrome, inspecting the underlying scripts for the server login page reveals these errors when the login fails via the URL (I’ve replaced my URL with ‘MY-URL’):
Failed to load resource: net::ERR_NAME_NOT_RESOLVEDFailed to load resource: net::ERR_NAME_NOT_RESOLVED rpc/v1:1
Service worker registration failed with: main.db4020b2e4a1127a.js:1
TypeError: Failed to register a ServiceWorker for scope (‘https://MY-URL.local/’) with script (‘https://MY-URL.local/ngsw-worker.js’): An unknown error occurred when fetching the script.
I’m going to try restarting my laptop now and will get back to you if that changes the situation.
I’ve restarted the laptop and still cannot login using URL login page, but IP address is good still. 1 error I made in my response above - Bonjour is allowed explicitly in Firewall Settings, for public only. I wrote ‘private’ above.
So to clarify current status: the URL address seems to find the StartOS login page, but returns ‘Unknown Error’ on entering my password. I’ve set Chrome not to cache this page too so I’m assuming it is successfully resolving the URL.
I wonder if the fact that it is showing two instances of bonjour (as you mentioned above) is creating a conflict. In the guide it advises to completely uninstall bonjour and then reinstall. Just speculation but maybe
Uninstalled Bonjour. Removed the 2 bonjour items still remaining as allowed through the Firewall. Re-installed bonjour. 2 bonjour items appeard again in the firewall as allowed through. No change with login page to StartOS via URL - it opens fine but entering password yileds ‘unknown error’. Login via IP address still works fine.
This could be a router related issue. Unplug the power from your router for a full 30 seconds, and plug it back in again. Wait a full 10 minutes before expecting it to work. Go ahead, and restart the Windows 11 machine, while you wait. Make absolutely sure you click “Restart” NOT “Shutdown.” If you are still able to connect via IP address, but not your adjective-noun.local address, something is blocking the mDNS resolution. Likely VPN, firewall, or other Windows security software. There is no security risk to managing your server via IP address. But the Windows machine won’t be able to reliably access services on the server without mDNS functioning properly.
Hi Rexter. Before trying your suggestion, I pinged the URL and it worked fine. I also used the Resolve-DnsName command in Powershell and it responded with the IPv6 and v4 addresses just fine. Still no luck logging in via Chrome using the URL sign in page though, and IP address again still responding fine.
Then I tried your suggestion, switching off the router, unplugging etc… and restarted the laptop. Then ping and resolve-dnsname didn’t work. Also Android phone would no longer connect in Chrome. But iPad still did. IP address in Chrome on laptop works still. Then I found if I switched off the Surfshark VPN on the Android device it let me in. So I did the same on the laptop and hey presto! Connection. And the ping and Resolve-DnsName worked too. This is weird because pinging and Resolve-DnsName worked with the VPN running before restarting the router. And I had tried turning off the VPN and connecting via the URL in Chrome days ago and It still didn’t work.
So having restarted the router, it now seems like there’s some consistency across platforms - Chrome on the laptop, powershell and cmd and also the Android device. Exception is iPad which can connect via Chrome using the URL and with the VPN running too. I have added the server URL as a Bypass in the VPN but it makes no difference. Have to pause the VPN connection completely in laptop to access via URL.
Some progress then but days of my life lost on this!! Thanks greatly for your help.
Contact the VPN provider as to how to allow .local connections with the VPN enabled. If they can’t resolve the issue try another VPN provider. Mullvad has been reported to work fine.
I’ll take a look later.