Is it possible to have MFA when connecting to the server from WAN, but not when connecting from LAN ?
The questions have been asked on this forum before, but didn’t receive a valid answer.
The best solution i.m.h.o. would be the have 2 listening ports, one with MFA and one without.
The answer set up two different profiles
is’n usefull, the unprotected profile would still be available to the internet which is what you want to avoid.
I don’t know of a method to configure MFA in a reverse proxy, that might also be a solution, but it would require home-assistant to be an auth provider ?