Control-UI LAN Access Issues in Docker OpenClaw Bridge Networks

LAN Access Problems in Docker Bridge Networks

A user on r/openclaw describes ongoing difficulties accessing OpenClaw's Control-UI when running in Docker bridge networks. The issue centers on LAN connection handling across different OpenClaw versions.

Version-Specific Behavior

According to the source, version 2026.3.14 briefly allowed LAN connections to the Control-UI with a valid token. However, upgrading or downgrading to other versions broke this functionality. The user specifically mentions version 2026.3.23 still exhibits the problem, with errors including "pairing required" and "missing scope:operater.read."

SSH Tunnel Limitations

The standard SSH tunnel workaround fails in Docker bridge network configurations. When OpenClaw runs on Docker's default bridge network, the host masquerades IP addresses, making SSH tunnel connections appear as remote IPs to OpenClaw. This prevents proper authentication.

Complex Network Configuration

The user's setup adds further complexity: the OpenClaw container attaches to a Wireguard docker network for VPN egress. To work around the LAN access issue, they installed sshd on their Wireguard container, configured user/password permissions, and set up sshd specifically to allow SSH tunnels. This elaborate setup was necessary solely to access the Control-UI of a container isolated from external connections.

The user expresses hope that token-based LAN access to the Control-UI will be restored in future versions to eliminate this maintenance burden.