Hello, I have my ISP modem/wifi combo with an SSID and a Netgear ORBI with a different SSID connected to the ISP modem/wifi combo in my home (this is on purpose) which is causing a double NAT issue. I have port forwarded the ISP router to my Orbi IP address with port 8132, and I have the Orbi port forwarded to my Hassio HA Pi IP address at port 8132. When I access my x.duckdns org address I get sent to the login page of my ISP router. Anything I’m missing here on why this isn’t working? Thanks in advance!
I think the issue might be that DuckDNS is trying to connect via port 443 (ie. the port for HTTPS communication).
I have a similar setup, except with Google Wifi. What worked for me is, on my ISP router, forwarding external port 443 to the device handling my internal addresses (my primary Google Wifi access point - 192.168.86.1).
Then, on the Google Wifi, I’ve got port 443 forwarded to port 8123 on my Home Assistant server.
I’ve also disabled the wireless and DHCP on my ISP’s router.
This means that you’ll access your Home Assistant on a different port when accessing it at home vs away, or you can just use the external DuckDNS address for both.
Thanks for the reply. Switched the ports around however there was no change. Accessing http: hassio.local:8213 is no longer working. I can get it with https: hassio.local.8213 but I am getting the connection not secure message. DuckDNS still goes to the login page on my ISP router, doesn’t seem to be forwarding into the ORBI at all.
Accessing HASS through https://hassio.local:8123 giving you a “connection not secure” is normal behaviour.
And I think not being able to access through http://… is also normal since you’ve now got it setup for https.
For the DuckDNS address, are you remembering to use https? No need to enter a port number. It will assume port 443 when you use https in the address. So, like this:
https://xxxxxxx.duckdns.org
If it’s still showing your ISP router’s login page, then it’s the port forwarding in that router that isn’t setup correctly yet. Perhaps there’s some model-specific setting on your ISP’s router that I’m not familiar with. On mine, I create a port forwarding rule and need to check that the rule is Enabled. Perhaps you have a similar setting there?
Time to spread the love.
I have also being using Google Wifi for over a year now. Man mesh is so cool… But the double NAT has killed me doing any port forwarding all that time until today.
The key downfall everyone has when trying to solve this problem is they don’t know that their ISP holds onto the modems MAC address for around 30-60min cycles when assigning the public IP address.
So if your like me and most others and have changed your modem to bridging mode and 5 mins later
expected google wifi (or orbi) to take over you will fail.
Here’s what you need to do.
- Go to your modems logs and look for where it says how many seconds 3600(eg an hour) your ISPs DHCP lease is.
DISCONNECT the phoneline from your modem so your ISP can’t see your modem and record the time your disconnected so you know when your can reconnect based on the ISP DHCP lease time you saw in the logs. - In the wizard on your modem choose BRIDGING mode rather than Static or Dynamic. This will allow your modem to still do the decoding part but pass all traffic directly to Google Wifi.
- You must turn off DHCP on your modem otherwise your modem will still assign Google wifi a LAN IP. and that is no good coz it should be assigned a WAN IP from your ISP. Note once your turn off DHCP on your modem you can no longer access the GUI.
- After the time has past since your ISP IP lease renewal time you can reconnect the phoneline to your modem and your ISP router will no longer see your modem’s MAC it will see Google WiFi MAC address and assign it a WAN IP address.
Note in your Google (orbi) Wifi WAN settings you should be configuring them to what suits your internet ADSL need to use PPoE, HFC, VDSL, Fibre customers will select Dynamic.
If you get it right and wait the correct amount of time before connecting your modem back to the net your Google (Orbi) status light should show it as being UP and you can now happily plug your port forwarding settings into Google (Orbi) Wifi and of course use duckdns.