Can't access HA over DuckDNS URL

Hello everyone,

I have my HomeAssistant set up on a Dell Optiplex 3050. It’s connected via LAN to my FritzBox 7590. I’ve set it up and it’s running. Initially, I set up VPN using WireGuard on the FritzBox to connect to HomeAssistant via VPN on my smartphone. It worked, but I didn’t want to always use VPN for this. So, I followed the method using DuckDNS.

I created a DuckDNS account, installed and configured the DuckDNS AddOn in HomeAssistant → it’s working. Here’s the configuration:

domains:
  - xxxxx.duckdns.org
token: exxxxxxxxxxxxxxxxxxxxxxxxxxb
aliases: []
lets_encrypt:
  accept_terms: true
  algo: secp384r1
  certfile: fullchain.pem
  keyfile: privkey.pem
seconds: 300

Then I opened the port in the FritzBox:

It looks good so far.

Home Assistant URLs are also set for public and local to https://xxxxxxx.duckdns.org:8123

And my configuration.yaml looks like this:

# Loads default set of integrations. Do not remove.
default_config:

# Load frontend themes from the themes folder
frontend:
  themes: !include_dir_merge_named themes

automation: !include automations.yaml
script: !include scripts.yaml
scene: !include scenes.yaml

http:
    base_url: https://xxxxxxx.duckdns.org:8123
    ssl_certificate: /ssl/fullchain.pem
    ssl_key: /ssl/privkey.pem
    cors_allowed_origins:
        - https://google.com
        - https://www.home-assistant.io
    ip_ban_enabled: true
    login_attempts_threshold: 5

I also set up DuckDNS as a DynDNS provider in the FritzBox, which provides me with the IPv6 address at DuckDNS.

However, when I try to access my HA from outside using https://xxxxx.duckdns.org:8123, the website is not reachable. It doesn’t work from the local network either. It only works using the local address or the local IP (with https and unsave). I have no idea where to look for the error. Is there a way to find out where the issue might be? Router, HA, or perhaps even the internet provider? I’m with NetCologne.

I would greatly appreciate any tips.

Look at the DuckDNS admin web page (where you created your domain). Does it have the external ip address of your router?

Yes, both (ipv4 and ipv6) are correct. Since I’ve set up DuckDNS as a DynDNS in the FritzBox, I can also access my FritzBox admin page from outside using the DuckDNS URL and the port configured in the FritzBox.

Oh you did it in your router rather than using the DuckDNS addon?

Looking at your port forwarding rule I see the internal ip address but no internal port?

Both. DuckDNS addon for HA and DynDNS in FritzBox.

Port forwarding in FritzBox:

DuckDNS AddOn Settings:


domains:
  - xxxxx.duckdns.org
token: exxxxxxxxxxxxxxxxxxxxxxxxxxb
aliases: []
lets_encrypt:
  accept_terms: true
  algo: secp384r1
  certfile: fullchain.pem
  keyfile: privkey.pem
seconds: 300

With seperate domains?

no, same. And it didn’t work without these DynDNS settings either. I don’t believe the issue is with DuckDNS.

Your issue from my quick glance is that the traffic is coming in on 443 (HTTPS), and your HA is on 8123.

You need to open port 443 (should be open already), and then forward incoming traffic from 443 to 8123.

Unfortunately, that still doesn’t work.

Remove the :8123 from the site address.

Since it is HTTPS it is 443 by default so just try navigating to https://xxxx.duckdns.org

They are not using port 443. They are using 8123 external to 8123 internal:

So my forwarding from 8123 to 8123 was correct?

I’ve actually never seen that done. HTTPS using 8123.

I have seen your posts before, and you are beyond my knowledge of networking so I will defer to you-honestly I have never seen https over a different port.

Yeah it’s definitely valid. If you use 443 as the external port you don’t need to specify a port at the end of the URL if you use anything else, including 8123, you do.

My money is on DynDNS and DuckDNS interfering.

Delete the DynDNS config from the router.

Agreed that is the likley issue.

I had the same exact issue with my router who offered a generic DNS service, and you choose the provider. Never seemed to work, and once I setup DuckDNS with a custom service it has been rock solid.

Already asked that. Can't access HA over DuckDNS URL - #2 by tom_l

1 Like

Right.

I’m no the king of IPV6, but a leading double colon seems wrong…
It means a consecutive blocks of zeroes, and your HA IPV6 address surely do not start with 00:00…
If you are indeed IPV6 enabled, it would explain why your router cannot reach your HA box.

Yes, the WAN IP is correct in duckDNS