You say Nabu Casa drops out for you every now and then, but have you considered that it might be your provider that have issues or your devices?
You can traceroute Nabu Casas servers and then make a continous ping to each step along the way and store that in a file.
Once it drops out, then you can look at the ping reports and see where the drop out occur.
It might be so close to your end that other solutions might not solve the issue.
When NC stops working, I have no problems with anything else. In fact Iâve never had a single loss of service from my ISP - itâs fiber.
And hereâs the kicker - when NC says itâs not reaching HA, my HA instance stlll shows NC as âconnectedâ. And all I have to do to get NC working is log off of it from HA, then log back on again. It works immediately.
Iâve been over this 3 times with NC support and they had nothing to offer me.
True, and the âoldâ service of paying bills are also still available here, and my bank and 2 other government -sites actually âdemandsâ access to a computer and your phone, with both manual code in phone-app +phone "reading a QR-code on computer-screen ⌠if it wasnât for auto-giro, it would have been easier to fill in paper-checks and post them ⌠i just wouldnât feel comfortable having a phone/app with no/ -or auto password to open/ or controlling my house/heating-system/garage-port etc âŚ
i.e if you for some reason need/want access to your HA, when abroad or just âawayâ First then you open your phone/laptop>log in to VPN(ONLY the devices you chooses, will be able to login to your VPN), and your there, when your done then close/log-out ⌠when you then drive up your driveway, and your phone-Wifi is within reach(of routers Wifi, or front-cam) an automation could open your garage and turn on lights( thou i would have the âkey-ring port-openerâ within reach ⌠in any cases !, maybe even âhiddenâ in car âŚ
I have a WireGuard addon in my HA addon shop. It might be a solution.
I did the same with my EdgeRouterX (ubiquity âŹ45)
I can acces my network from both my phone as well as W10 and Linux
I have an EdgeRouter 4 too with VPN setup, but I had a Cisco RV200W before and also had VPN on that.
My TPLink router has OpenVPN. That could be a solution. But I know little about VPNs.
If my phone has an OpenVPN client and I connect to my routerâs VPN server - I can then access my HA server by its local LAN IP. I get that. But the phone now sending ALL my browser and email traffic through that VPN connection⌠right?
I donât open 443, I use an obscure port and use ssl from there. Who opens 80?
Wrong, that is an option, but not required and up to you 
Yes, but only if you want to , but yes if you are logged in on(VPN ) on your phone/laptop, anywhere in the world it would, then it would âroundingâ your Router, so it seems like your mailing/browsing from home, again you only open/login on your vpn-client on phone/laptop, when you want access to HA or other âlocalâ resources. If you are home, everything is as usual
Billions, âstandardâ ports are there for a reason
Edit: And your just asking for âproblemsâ, as many places (wifi hotspot / Hotel Wifi etc) uses Standard, and donât allow other-vice ⌠beside i guess you then also have to specify that(whatever) port you use in your Url, and hope you get answer back, from what ever APP you are trying to access ⌠as you not always have the option to change whatever port an app is programmed to âtalkâ on
You could set up certificates for your VPN, then you would not require any passwords, because the authentication happens from the manually installed certificate, which only has to be done once in the certificates lifetime, and the certificates lifetime can often just be set to something like 20 years.
Thanks for the link - I see that Android already supports PPTP and L2TP/IPSec VPNs. And my router has those too. But it looks like theyâre not as good as OpenVPN:
What router do you have?
IKEv2 IPSEC might an option too, if you router supports it and it is just as good as OpenVPN, if not better.
Itâs a TP-Link AX5400. It doesnât have IKEv2. According to that article, PPTP is no longer totally secure (maybe the NSA can get in) and L2TP/IPsec is slower. But those concerns sound overblown to me. I try to avoid anything that require creating an account somewhere and/or installing an app, so the built-in VPNs appeal to me.
The article says that L2TP/IPsec might be blocked by some firewalls, and that concerns me. I might need to access my VPN in a public place like a restaurant or hotel where the wifi might be years out of date.
For what itâs worth, I do L2TP back to home router from my phone, and I let VPN on, on my phone, 100% of the time. Have not experience any blocking event.
Plus, wouldnât hurt to try.
Well it turns out the built-in Android VPN clients arenât an option, and neither is the OpenVPN Android app. They all require a lock screen with a PIN and that is, for me, a total and absolute non-starter.
Looks like I just wasted a lot of time on VPNs. Is there ANY other reasonably secure alternative to Nabu Casa?
wouldnât hurt to try.
My router is running a StrongSwan VPN service.
StrongSwan is open-source based on Linux.
You could go with a StrongSwan Service behind your router.
It still requires an app, but its also open source and provide features like app selection.
You might actually be able to find an image for a StrongSwan server and use that, but make sure that it is from a reliably source. 