Thanks again for the hint! The NAS and HA has different internal ip address. I use different external portal and so mapping to different internal ip address.
I’m not using Duck DNS, instead from no-ip.com, and the update of ddns is done by the NAS. No Duck DNS add-on installed.
I installed fail2ban on pi. checkes iptables and didn’t find and blocked ip address. I also refeshed the external ip address, problem remains.
I has some ideas to do about the NAT issue in #15, but didn’t have time to do in the weekend. Next step I will try also to upgrade the homeassistant, see if that can help anything.
An update today. I set another portal mapping, use another portal map to local pi 8123 port. And all the cases are:
- with external url https://url (default 443): Frontend cannot reach. But Alexa voice control has no problem.
- with external url https://url:yyyy (port for my NAS): NAS can access
- with external url https://url:zzzz (new created port for HA): I can now open the frontend.
Seems only the 443 port has this issue, but Alexa voice control with 443 works well.
Alexa probably doesn’t need port forwarding; NAT is doing its job.
Hello pocket,
finally I got chance to prove where the problem came from. It is just like you said.
I figured out that my router from Vodafone automatically updated its firmware (to version 07.03). The new firmware version is even not published on Vodafone website, on Vodafone website it is still 06.01. I download the 06.01 and manually load it to the router, after restart I can access my HA with the external URL as before, but unfortunately the router detected the new FW version and immediately upgraded again to 07.03. And no surprise I lost the access again.
The route configuration interface doesn’t provide the option to configure the NAT loopback. So I now know the problem but no way to solve it…
Luckily the Alexa voice control isn’t impacted, and I now use another portal for the HA frontend as an alternative. That is the best I can do so far.
Thank you again very very much for the guiding!
You’re giving me too much credit. It was @francisp who first mentioned firmware and @jimz011 who first mentioned loopback. I just nudged you pretty much in the same directions. To be honest, I had to go back to the books to remember the limitations of port forwarding, so it was a good exercise for me.
I’d say, try another router and put your modem in bridge mode (if it even has support for that). This might or might not help. Not entirely sure, but I believe that a decent router (heck even a 30 euro tp link) should do the trick. But honestly I am not entirely sure of this.
Thank you a lot too!
Unfortunately the vondafone router is from the DSL provider, it is bonded. I guess I have no chance to change it.
Thank you very much!
Here I need to disable 4g to access HA internally (http://…:8123). Is this normal behavior? I’m using NGINX
It depends, what port do you access it on externally?
Im using the port 9821
Here everything is working correctly except for this detail.
I can access externally via wifi or 4g (https://…duckdns.org:9821/)
And I can access internally by WIFI through http://ip…:8123. But for that I need to disable the 4g
Had this same problem for the last few days. While reading and searching on al the forums I found out what the problem was and solved it yesterday.
What i found out was that the new device I installed was using port 443, same port as HomeAssistant external port (correct me if i’m wrong). Since the new device only needs port 443 for updates (as far is I could see) homeassistent is more importent.
My new router settings:
UPnP disabled
Hassio port forward: internal 8123, external 443. Protocol TCP.
Works like a charm since.