Auth-Unauthorized ip when accessing the GUI

Sonarr version (exact version):
Mono version (if Sonarr is not running on Windows):
OS: LSIO docker
Debug logs:
Description of issue:

So I have two sites connected via an IPsec tunnel through pfsense. I have both Sonarr and Radarr LSIO containers (among others like Plex, Deluge, NZBGet, etc.) on both sides and I can access everything from either site until now when I cannot access ONLY the Sonarr on one of the sites for some reason. There is no issues with routing, I’m 100% sure of that as I did a packet capture on several interfaces and forward/return traffic flow properly to/from the destination/source.

The problem is when I’m on Site A and I’m trying to access the Sonarr GUI on Site B, I get this in the Sonarr docker container logs:

[Info] Auth: Auth-Unauthorized ip url 'http://{ServerName}:8989'

  • I have no problems accessing it when I’m on Site B (same site)
  • From Site A, I have no problems accessing ALL docker containers (including Radarr) on Site B.
  • From Site B, I have no problem accessing ALL docker container (including Sonarr and Radarr) on Site A.

So for some reason, the Sonarr on Site B is like blocking connections from the subnet saying that the source IP is “not authorized”. I cannot see a setting that is related to this behavior in the GUI.

Please help. Thanks.

That log message is logged whenever a request is made that requires authentication, but the request wasn’t authenticated, missing API key for API requests or forms/basic auth for other assets, it doesn’t prevent you from logging in, you just need to log in.

The problem is I don’t even get a login whatsoever? The GUI just doesn’t load at all?

And just to test, I disabled authentication in the Sonarr GUI but I still don’t get back anything.

There’s really something in the server blocking the connection somehow, but like I said I can see return traffic coming back to the source machine. All I get this is this spinning wheel:


If you’re interested, here’s the packet capture for the network interface where the Linux host of the Sonarr docker container is connected to:

Unless you’re using a reverse proxy there is nothing in Sonarr that would block it. The only difference between Radarr v3 and Sonarr v3 be .net core vs mono, but that shouldn’t make a difference.

I don’t have any ideas on this one.

Yeah, this issue is really bizarre. The Sonarr container on the other side works fine when accessed from Site B.