Add ip_ban_whitelist for HTTP Integration

The ban reappeared for me too. It worked fine for a few weeks, but then it came back. It is the companion app for sure. For me it started only when I set up widgets. For you as well, @dougle03?

1 Like

This continually bans my mobile client when I transition from external access to internal access, regardless of the fact that I am coming from the same reverse proxy, from the same NAT’d client address.

While at home, my mobile client exists on VLAN-A, my outbound proxy on VLAN-B, my reverse proxy on VLAN-C, while Home Assistant resides on VLAN-D. When remote, I use mTLS to authenticate to a publicly exposed vIP on my firewall, which then NATs my device to the same internal IP it has when at home and routes traffic through the reverse proxy. The only difference is that when connecting to the reverse proxy through the vIP there is an additional mTLS authentication to the reverse proxy, which is normally handled at the outbound proxy.

I recognize that my use case is not likely a standard approach; however, the twitchiness of the IP ban is quite frustrating, as it’s always after two hours of crawling through firewall, proxy, reverse proxy, routing, and DNS logs that I remember about the ip_ban list.

1 Like

I am having a similar issue with the internal IP of an add-on being banned. It makes absolutely no sense that there is no whitelist feature.

In my case, the add-on is at fault, here is the issue if anyone is curious: MPD/YMPD Causing "Invalid Login Attempts" · Issue #3 · Poeschl-HomeAssistant-Addons/mpd · GitHub

Still, the matter at hand is that we need a way to whitelist or prevent banning of specific IPs.

I have been using the ‘ip_ban_enable’ function for 2 years, and for 2 years we have been regularly blocking our IP on the local network.

I am forced to use my desktop PC through an external VPN to access HA and remove the local IP.

This mainly happens when phones switch to the local WiFi network.

2 user accounts with 2 smartphones (Samsung S23 & S24 - Android).

1 Like

We really do need this. I keep getting banned for similar reasons to @Usernet. I’ve been lucky that I’ve been able to SCP into the server and reset the bans manually, but still.

It should be a relatively simple implementation on top of the ban system.

+1 on this

Same for me: the IP 127.0.0.1 of HA has been banned twice (no idea about the reason), which meant that HA was no longer accessible from outside through my Tailscale VPN.
It stayed accessible only within my internal LAN.

Another month, another IP ban for 192.168.0.1 and another opening of the yaml file then restarting. No idea why there is no whitelist.
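
The manual cleanup described in this thread (editing the ban YAML file, then restarting), as an added example that is not part of any post or of Home Assistant's own code: it drops only the bans that fall inside networks you trust and reports them, leaving every other ban in place. It assumes the ban list is the `ip_bans.yaml` file in the configuration directory, with one top-level key per address and a nested `banned_at` field; the sample content and `TRUSTED_NETWORKS` are constructed.

```python
import ipaddress

# Constructed sample in the assumed ip_bans.yaml layout (one key per banned IP).
SAMPLE_BANS = """\
127.0.0.1:
  banned_at: '2025-01-04T09:12:44'
192.168.0.1:
  banned_at: '2025-01-05T18:40:02'
203.0.113.45:
  banned_at: '2025-01-06T02:13:57'
"""

# Assumption: networks whose bans you consider false positives.
TRUSTED_NETWORKS = ["127.0.0.0/8", "192.168.0.0/24"]


def parse_bans(text):
    """Return [(ip_address, [raw lines])]; a malformed key raises ValueError."""
    entries = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if not line[0].isspace():            # top-level key: a banned address
            key = line.strip()
            if key.endswith(":"):
                key = key[:-1]               # drop only the YAML key separator
            entries.append((ipaddress.ip_address(key.strip("'\"")), [line]))
        elif entries:                        # indented line belongs to last key
            entries[-1][1].append(line)
    return entries


def prune_trusted(text, trusted):
    """Remove bans inside trusted networks; return (new_text, removed_ips)."""
    nets = [ipaddress.ip_network(n) for n in trusted]
    kept, removed = [], []
    for ip, lines in parse_bans(text):
        if any(ip.version == n.version and ip in n for n in nets):
            removed.append(str(ip))          # report it so the cause can be traced
        else:
            kept.extend(lines)               # every other ban stays untouched
    return "\n".join(kept) + ("\n" if kept else ""), removed


if __name__ == "__main__":
    new_text, removed = prune_trusted(SAMPLE_BANS, TRUSTED_NETWORKS)
    print("removed:", removed)
    print(new_text, end="")
```

As the posts above note, the edited file only takes effect after Home Assistant is restarted, and each removed address still points at a client that sent failed logins.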

Record day for me. 4 blockages today without understanding the cause.

Edit : 5x…

And each time, I have to remove the banned IP and restart HA. But since the Samsung (SmartThings) integration is currently bugging, I have to request a new token at every restart.

Ultimately, I convinced myself that ip_ban_enabled was not properly programmed. So, this should be an issue rather than a PR.

I doubt that, otherwise the issue would be more widespread.

192.168.1.1 is the IP of your router - check if you have any devices on your network with an invalid password. Since you mention the SmartThings integration being buggy, I would start by disabling it for a day or 2 and seeing if the bans stop.

SmartThings has nothing to do with this. I already had this local IP ban issue before having any Samsung devices. The IPs of both smartphones get banned most often when switching between Wi-Fi / 5G / Wi-Fi.

I increased the login_attempts_threshold parameter from 5 to 15 to see if it helps…

In that case, I would suggest logging out from both your smartphones and deleting the refresh token from HA (Click your profile icon in the bottom left > Security Tab > Android App 3 dots menu > Delete).

Try logging back in on one phone, once via wifi and once via 5G and check if you get a login warning on your dashboard. Repeat with the other phone if this works.

Is there a solution that works in 2025 for adding a local IP whitelist?
I can’t seem to find one in this thread that works; all seem to be blocked by the configuration.

1 Like

I submitted a PR to add a white list. It was closed without review.

So this feature request is never going to happen and should probably be closed.

3 Likes

First of all, thank you for your suggestion.
I tried using a new token, as well as uninstalling and reinstalling the Companion app, but it had absolutely no effect. Switching between 5G and Wi-Fi 5, 15, or 30 times does not systematically trigger the banning of the local network IP. It is a completely random event involving the following factors:

ip_ban_enabled + Companion App + Unknown Event X = Local IP Ban. :rage:

If I’m posting again today, it’s because I got banned from my own network once again, which prevented me from opening my home this afternoon (garage door). Fortunately, I had the foresight to hide a physical key in a Smartlock, as I no longer trust Home Assistant due to its lack of reliability.

I’m not the only one experiencing this issue, and for the past four years, this request has been recurring. But if it is not possible to whitelist an IP, then the bug in the Companion app that causes local network IP bans should be fixed.

After all, fixing the Companion app might be simpler than creating a whitelist when “ip_ban_enabled” is enabled. And disabling “ip_ban_enabled” to avoid local network IP bans would be dangerous.

4 Likes

It’s about time this was fixed…
I can only guess that the main devs are not affected by the problem…
Shame really, as a PR has been done but rejected…
Come on HA devs, what are you doing…? It’s one thing to be too busy, but to close out someone else’s PR to fix the problem without comment etc is very poor…

1 Like

Just got banned myself. A whitelist is needed.
And clearly the companion app has a bug, as I get failed login warnings very often, from all the devices that are running the app on Android, on both internal and external networks.

1 Like

Incredible, I hadn’t noticed that the PR had been posted in full, with functional code…

Gentlemen developers, you just have to take a look to find a proposal :face_with_monocle:

Wish this was implemented. Crazy it is not.

1 Like