How do I access the web UI of a device on a different subnet while using a VPN?

[hushcoden]

The device I want to access from my Windows laptop is connected to the interface LAN2: LAN is on 192.168.0.1/24 (and my laptop is on LAN) while LAN2 is on 192.168.20.1/24 – I don't use kill switch.

I'm struggling to understand how I can access the web UI of that device which is on a different subnet of my laptop while connected thorugh my VPN (no issue when the VPN is off) ??

Tia.

[tiermutter]

Is there a rule allowing VPN network to LAN2?
Is the software allowing connections from other subnets than LAN2 e.g. OS firewall or software config?

[tiermutter]

And on VPN client: is the LAN2 network routed through the tunnel?

[hushcoden]

Forgot to mention that Proton VPN is installed on my laptop and not on OPNsense.

I did contact ProtonVPN support and their response was "We appreciate the feedback provided, and please note that a limitation of this is that you can only access devices within your immediate subnet. Meaning that if your device is on 192.168.20.1/24, you will not be able to access devices in 192.168.0.1/24, and vice-versa."

So probably that's not possible, but as I'm not good when it comes to networking, I thought to ask here in the forum anyway.

Thanks.

[bartjsmit]

You could NAT the device onto your laptop subnet but you're likely creating more problems than you solve

[tiermutter]

"We appreciate the feedback provided, and please note that a limitation of this is that you can only access devices within your immediate subnet. Meaning that if your device is on 192.168.20.1/24, you will not be able to access devices in 192.168.0.1/24, and vice-versa."

I really can't imagine that it is not possible. It should be up to you routing the client's traffic through VPN or not...
You can try to override pushed routes, defining subnets (all but LAN1, LAN2) that will be routed throgh VPN:
https://openvpn.net/faq/overriding-a-pushed-route-in-the-clients-config-throws-an-error/