We need to be able to login while using a VPN service

Currently a user is not able to login into any device, app or website while on a VPN. This is not friendly at all. Even though the VPN is not only in the Country of my account its also in the same city as I.

This needs to be fixed, our WIFI service at our office and my service at home use a VPN built into the routers to protect OUR privacy. It does not make sense that we cannot login and use our services without disconnecting from the VPN servers.

[Mod Note]: Your request was moved to this category for better visibility in order for you to receive help from the forum community.

I am sorry this is happening, I think the best thing to do for this issue is to reach out to security@wyze.com and see if they can get it figured out.

VPN’s are highly configurable and vary greatly depending on what type you are using.

I use VPN software 24\7 on my phone. It requires me to manually configure all apps and sites I want to access with very specific settings: allowed networks, WiFi up and down, cell data up and down, Etc.

Some of my access apps and sites require I initiate a secure point to point VPN tunnel that will block ALL internet access to any other app or site outside the tunnel: Lock Down mode.

Every time I uninstall or reinstall the Wyze app or a Beta App release for testing, I have to reconfigure my VPN to allow traffic. If I don’t, I get no connection to the Wyze server or my cams. Once I configure the VPN, all is good and I have full unrestricted access in my Wyze app.

What VPN do you use?
I use NORDVPN and have no problem logging into my cameras or account either using my android phone or computer. I can log in whether I’m on my home network or out of town using a mobile connection while remote viewing. I am constantly connected to my VPN.

I use NordVPN as well in both instances but i am located in Canada which may be the difference.

Thats true but we are using a VPN built into the router. Using a VPN app might have many of those options. The Wyze products should be allowed to function within a VPN connection without additional steps.

Is there a way we can forward them this chat?

Or the VPN on the router needs to be configured to whitelist Wyze. The router VPN is still just software that runs on the router and can be configured as tight or as loose as you choose. There are drawbacks to both ends of the spectrum. But, if you are operating that VPN such that the IP origin is being hidden or masked, I wouldn’t be very likely to allow access to my server either. It’s really a two way street.

i hear you, unfortunately we don’t have those options on our end. Also I don’t have this issue with any other App or service, just the Wyze. Also what if the persons trying to use the service on wifi do not have access to these settings like employees or visitors. It also doesn’t state the issue just says password is incorrect. This also causes users to lose confidence in the product when they cant connect.

I am getting a lot of great fix ideas in this community but VPN’s are becoming more common these days and products need to be able to work on them without requiring complex solutions.

While vpns are becoming more common, so are attacks using it, and more and more companies are blocking them. Using a vpn makes any form of IP banning useless, and the only way to prevent that is to block known vpn ips, which means users using those vpns will also be blocked.

If it is Client VPN software: Configure it.
If it is Router VPN software with admin access: Configure it.
if it is Router VPN software without admin access: Disconnect WiFi on the device and use cellular data with a configurable VPN client on the device.

This behavior has been noted in the past. Any loss in connectivity with the credentialing server, for whatever reason, will result in the preloaded app timeout message saying it is a username and password issue. It would be nice for the app to indicate “No Connection” or “Access Blocked”. Perhaps this would be a good #wishlist request.

I have much more confidence in Wyze Security knowing they have restricted the use of VPN Services for the obvious reasons. It means they are taking these server attacks seriously and safeguarding my personal data, the same as they are doing by implementing the 2FA requirement.

VPN software and services were great when they first started several decades ago before bad actors found a way to use that good technology for nefarious purposes. Now, because of their misuse, they have become suspect as a means to gain access from regions that would have otherwise been blocked.

VPN Services allow for very simple Geospoofing. A Credential Stuffing or Brute Force Hacker in a region IP blocked by Wyze and known for frequent server attacks could very easily use a VPN Service to make it look like they were accessing the Wyze Server from anywhere else in the world, to include any IP region allowed by Wyze. It’s really hard to block the hackers when you can no longer tell where they are. Instead, the tool they use to get in, the Geospoofing VPN, is blocked.

There are many here using the Wyze app behind both Client and Router VPNs that are able to successfully access their accounts and cams because the VPNs are configured such that they pass the Wyze Security requirement for IP origin and Geolocation. This is because the VPN is configured such that it does not mask, hide or spoof the device origin IP location. If you are on a network that refuses to be configured as such, I would seriously suggest a different network. If that is an absolute impossibility, the only solution is to work directly with Wyze Security to verify the VPN and Network for access to your account while on that network.

Is it Wyze implementing these security measures causing the issue or is it the bad actors using VPNs to attack the Wyze Servers, thereby making VPN use suspect, that has caused this situation? VPNs are on the user side, not on the Wyze side. Would you let someone into your house who you don’t know and is wearing a disguise? I’m certainly glad Wyze doesn’t.

I will continue to advocate for Wyze implementing effective security protocols to protect my data.

I hear you and cannot disagree with your points, they are all valid and i like your passion.

You seem to be a person that is very knowledgeable with these types of setups or have spent the time figuring it out.

My point and position is that this is a consumer product and not all consumers either have the expertise or the time to invest to go through what you describe. Especially consumers that are paying for a subscription service. Some people barely know how to operate their devices and they might not be aware if the WIFI they are using is on a VPN.

Blocking all IP’s that belong to VPN’s is a catch all solution that will stop common people from using the service. If attacks are happening then block the attacks based on other criteria.

The perfect spam filter would not allow any emails through, no one would use it. The systems need to have the flexibility to allow either users to specify they are using a VPN or find ways to minimize the interruption.

I have been using Wyze products since they first started selling it (day 1) V1 products and have upgraded to the latest version. Security is important to me as well but also ease of use.

My comments on here are meant to help the company get better!

Agreed. This is a consumer product. And, consumers who do not know how to operate or configure a VPN should not be installing them.

If they find themselves unable to connect on specific networks but not on cellular data or other networks, it is that specific network causing the issue, not Wyze’s security protocol. I encounter networks on a regular basis that restrict any streaming traffic. That isn’t Wyze, that is the network administrator.

To my knowledge Wyze isn’t blocking all VPNs. As stated before in previous posts, there are many users connecting successfully from within properly configured VPNs that meet the Wyze Security requirements. These are VPNs that can be verified for user IP origin. This is a VPN configuration issue to meet the Wyze Security requirements, not a Wyze lowering the security requirements to allow all VPNs access issue.

The system does have flexibility. Those VPNs that are configured appropriately to allow for user IP Geolocation verification are being allowed to connect. Those VPNs not allowing this are not. The point is to eliminate anonymous, incognito, covert access to the servers. Everyone gets verified. If the VPN isn’t allowing this then a big red flag and siren should be going off.

EDIT:

After thinking about this a bit more and considering how my Wyze app loads or how login reacts after I install a new Beta Test App; or after I place my VPN in secure or lockdown mode and forget to release it to normal operation: What steps have you taken to verify that it is not the VPN blocking your outbound traffic to Wyze rather than Wyze blocking your inbound traffic to the server?

I’m mostly with you on this, Slab, even though I only use VPNs for work. And I wasn’t aware Wyze was using Geo restrictions.

However I do think it’s important to distinguish between connections that DO use a VPN tunnel to access Wyze gear, and connections that are configured to BYPASS, exempt, or split from such tunnels. The latter is a common way to “get it to work” for client VPN software on mobile, but of course exposes the phone’s native IP to Wyze and P2P servers.

I completely agree with you, being able to log in while using a VPN is essential these days. It’s important to protect our privacy and security online, and many people use VPNs for that reason.

Welcome to the Wyze User Community Forum @Ferdekalen!

Is Wyze not allowing a connection thru your VPN or is your VPN blocking the outside connection to Wyze?

SlabSlayer you are coming at this post from a really advanced setup point of view. You seem to be very knowledgeable in IT systems. I am coming from a very basic level. I am not an advanced level person, i have no way of knowing what is blocking what.

I only use Nord VPN as a client on our internet router setup as OpenVPN.

Nord Setup764×628 31.9 KB

I am sure you will be able to explain a lot more than i know of how my setup can change to make it work. The point I am making is i have many other smart devices none that are impacted by my VPN (at this point).

Although i am not an IT specialist I do work in Engineering and create products for the industrial sector. The entire point is when you work on products you have to make sure they are user friendly otherwise your consumers lose interest. Remember the Blackberry? Very few do, One of the reasons they did not survive is they put more emphasis on security for browsing making it slow and painful while Apple was unsecured but fast. There are many reasons for BB fall this was just one, Apps was the another.

I must say that the VPN issues seems better the last few weeks, not sure if anything has changed. But it does come and go, i currently only see this when i try to login to my wyze account or wyze web login.

It’s important to protect our privacy and security online, and many people use VPNs for that reason. Unfortunately, it sounds like you’re running into some issues with being able to log in while using a VPN service. you may want to check out different VPN providers to see if they have any solutions or workarounds for this issue.

[Mod Edit]: Spam references removed.

I really don’t quite get it really. People trust a random VPN startup more than their own ISP. Ah well, to each his or her own security blanket I guess.

(Hint: what is more likely being monitored, a low cost foreign VPN service or every connection through Comcast and Verizon. The answer of course is “yes”.)