Hi this is my first time posting in this forum.
I have a Unifi Express Router configured with a default (tag = 0) and IoT (tag = 20) VLANs.
All my devices sit in the IoT VLAN and HA sits in the default VLAN.
I have firewalls rules that say, in order:
Default → IoT is allowed
IoT → DNS server (IP and port) is allowed
IoT → MQTT server (IP and port) is allowed
IoT → HA (IP and port) is allowed
IoT → Default is not allowed
HA is deployed as a VM in Proxmox and CAN access on my local IoT devices, woohoo!
What doesn’t work are requests from IoT devices (e.g. Google Home Hubs) to HA for Text-to-speech announcements.
I am sure this is a HA issue as the DNS and MQTT requests go through fine.
I “moved” HA into the IoT network which I should still be able to access from the Default network given the first firewall rule but it didn’t… hummm…
I’m tearing my hair out. Any advice?
Try turning off the firewall or adding a rule that allow everything through. If it starts working then it’s a firewall issue, if it doesn’t it’s a networking issue.
1 Like
How can you be sure, when you don’t know the difference in the way they communicate, MQTT / DNS & HA ( HTTP " SSL/TLS" )
2 Likes
Thanks for the suggestion Pete, neither have worked.
I have just tried allowing port 80 for the DNS server (AdGuard) which is accessible from the IoT network.
Also just setup a fresh instance of HA and updated the IP in the firewall rule… it works! So what could be the difference with my original instance?
tmjpugh
May 11, 2024, 10:29pm
6
Text to speech announcement would go from HA (source)to Google Home(destination). Pretty sure that is one way. If your thinking it is firewall issue it is helpful to understand source and destination.
I figured it out… I had tailscale running!
Edit: it was because I had Userspace Networking disabled.
