Use Roon locally with client vlan internet traffic through vpn

I’m tinkering with my Unifi network. My setup is as follows:
macbook (roon client) → vlan ‘work’ → internet through openvpn client (proton vpn)
nuc (roon server) → vlan ‘default’ → internet without vpn

The issue is that Roon can’t find its server from the client app.
When I route all ‘work’ traffic through ‘wan1’ without using vpn client, it all works. But I’d like to use vpn for internet traffic.
The strange thing is that if I enable vpn on my macbook itself, Roon still works. That means that my vpn client on Unifi seems to interfere with local Roon traffic.

Both vlans can communicate with each other without issues.


The discovery packets that Roon apps use to find the core aren’t routed by most vpns.

mDNS is required for remote discovery of the server and this isn’t always passed via VPN. Endpoint discovery uses UDP multicasts across a range of ports; again, these are not forwarded over a VPN such as this.

Using VPN on the Mac, you’re split tunneling: internet goes via the VPN and local traffic bypasses it. Using it on your router as a network route, all traffic will go through it and Roon won’t work. You need to create a split tunnel.

It works for me out of the box on my UniFi setup with WireGuard VPN.

I would assume that vpn traffic is limited to internet traffic and discovery packets would be routed locally, or am I mistaken?

Not if it’s active as you have it. It’s set to all routes, looking at your screen grab. You would need to define it in the routes section of the UniFi router. Your IP subnet will not see any zones at all on your regular subnet; they all need to be assigned to the same network for Roon to see them.
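As an added example (not from anyone in this thread), the following Python simulates the routing decision the replies describe: with an "all routes" VPN policy the mDNS discovery packet is handed to the tunnel, where it is dropped, while a split tunnel keeps the local VLANs and the multicast range on the LAN side and sends only internet-bound traffic through the VPN. The VLAN subnets, interface names and the Roon core address are constructed assumptions.

```python
"""Longest-prefix-match routing simulation for the Roon-over-VPN problem.
All subnets, interface names and the core address below are assumptions."""
import ipaddress
from typing import List, Optional, Tuple

# Constructed topology: 'work' VLAN for the MacBook, 'default' VLAN for the NUC.
WORK_VLAN = ipaddress.ip_network("10.0.20.0/24")      # assumed
DEFAULT_VLAN = ipaddress.ip_network("10.0.10.0/24")   # assumed
MDNS_GROUP = ipaddress.ip_address("224.0.0.251")      # real mDNS multicast group
ROON_CORE = ipaddress.ip_address("10.0.10.50")        # assumed NUC address

Route = Tuple[ipaddress.IPv4Network, str]  # (destination prefix, egress interface)


def next_hop(dst: ipaddress.IPv4Address, table: List[Route]) -> str:
    """Return the egress interface for dst: the most specific matching prefix wins."""
    best: Optional[Route] = None
    for prefix, iface in table:
        if dst in prefix and (best is None or prefix.prefixlen > best[0].prefixlen):
            best = (prefix, iface)
    return best[1] if best else "unreachable"


# Policy 1: the VPN client owns the default route for the 'work' VLAN (the
# "all routes" setting). Connected VLANs are still reachable, which is why the
# two VLANs can talk to each other, but anything else, including the
# multicast discovery packet, is pushed into the tunnel.
ALL_VIA_VPN: List[Route] = [
    (ipaddress.ip_network("0.0.0.0/0"), "vpn-proton"),
    (WORK_VLAN, "vlan-work"),
    (DEFAULT_VLAN, "vlan-default"),
]

# Policy 2: split tunnel. Same as above, but the multicast range is pinned to
# the LAN side so discovery never enters the VPN.
SPLIT_TUNNEL: List[Route] = ALL_VIA_VPN + [
    (ipaddress.ip_network("224.0.0.0/4"), "vlan-work"),
]


def roon_reachability(table: List[Route]) -> dict:
    """Where each kind of Roon-relevant traffic from the 'work' VLAN ends up."""
    return {
        "mdns_discovery": next_hop(MDNS_GROUP, table),
        "roon_core": next_hop(ROON_CORE, table),
        "internet": next_hop(ipaddress.ip_address("1.1.1.1"), table),
    }


if __name__ == "__main__":
    print("all routes via VPN:", roon_reachability(ALL_VIA_VPN))
    print("split tunnel:      ", roon_reachability(SPLIT_TUNNEL))
```

Under the first policy the core is reachable by unicast but discovery goes into the tunnel, which matches the symptom in the thread; under the second, discovery stays local while internet traffic still uses the VPN.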