DuckDNS Local Access Problem

Installation Home Assistant OS
1

Hello. I can reach HomeAssistant from outside of the network with my duckdns link. But at local network I have to use IP address.

My Modem is Huawei HG658 V2. I think it doesn’t support NAT loopback. Also I couldn’t change anything about DNS at modem.

I tried dnsmasq. But it didn’t work.

What should I change to use single URL?

Port Forwarding

port
port966×541 49.2 KB

Remote URL what works -> https://xxxxx.duckdns.org
Local URL that works -> https://192.168.1.99:8123

Hassio duckdns addon config

{
  "lets_encrypt": {
    "accept_terms": true,
    "certfile": "fullchain.pem",
    "keyfile": "privkey.pem"
  },
  "token": "xxxxx,
  "domains": [
    "xxxxx.duckdns.org"
  ],
  "seconds": 300
}

Configuration.yaml

http:
  base_url: https://xxxxx.duckdns.org
  api_password: !secret api_password
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

dnsmasq

{
  "defaults": [
    "8.8.8.8",
    "8.8.4.4"
  ],
  "forwards": [],
  "hosts": [
    {
      "host": "xxxxx.duckdns.org",
      "ip": "192.168.1.99"
    }
  ]
}
2

Any suggestions?

3

I don’t see what you think is broken.
This is how I access my local instance.
I have bookmarks for regular sites and my local HA is stored with an IP address
My duckdns address shortcut has the name, as required to resolve the address when my router external address changes

4

I I want to use duckdns url when i am connected to wi-fi. It is not effective to use 2 bookmarks. Yo have to check if you are connected to wi-fi. I don’t like it.

5

I don’t understand, if you are at home you’re at home, if you are away you are away.
They are two completely different methods of access.
It is not possible to use to use one address for both unless your router supports hairpin NAT.
Sorry I can’t help you, not sure anyone can.

6

Ok I found it. It is working now. Here is the solution.

Port Forwarding
8123 -> 8123
443 -> 8123 (May be not necessary. I didn’t delete old one.)

Single URL
https://xxxxx.duckdns.org:8123

DuckDNS + lets_encrypt

{
  "lets_encrypt": {
    "accept_terms": true,
    "certfile": "fullchain.pem",
    "keyfile": "privkey.pem"
  },
  "token": "xxxxxx",
  "domains": [
    "xxxxx.duckdns.org"
  ],
  "seconds": 300
}

Pi Hole

{
  "update_lists_on_start": false,
  "ssl": true,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "interface": "",
  "ipv6": false,
  "ipv4_address": "",
  "ipv6_address": "",
  "virtual_host": "",
  "hosts": [
    {
      "name": "xxxxx.duckdns.org",
      "ip": "192.168.1.99"
    }
]
}

Configuration

http:
  base_url: https://xxxxx.duckdns.org
  api_password: !secret api_password
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

Each Client(Phone, Desktop etc.) should be set to Static IP and DNS server should be RPi IP Address. Pi Hole add-on converts url to ip address when you are at home. Beside single URL solution, Pi Hole provides ad blocking.

IP Assignment: Manual
IPv4: 192.168.1.x
IPv4 Gateway: 192.168.1.1 (Router)
IPv4 DNS 1: 192.168.1.99 (Pi Hassio)
IPv4 DNS 2: Blank or Router.
7

FYI if somebody is having a similar problem. Adguard or PiHole might also block your request. I had to whitelist my duckdns URL after some filterlist suddenly blocked it.

8

Hang on a tick …

@DavidFW1960 , can you have a look at the above ?
He’s using DuckDNS:8123 which is not the https default, I suspect that it may be bypassing encryption which would infer he’s exposing a non-encrypted path to the WWW
So many things are happening in this config, I can’t make head nor tails of it

9

I was way back doing that. It’s just a port. Forward 8123-8123 in your router and it will do that. It’s still encrypted.
Right now I ONLY have port xxxxx forwarded (actually I use IPv6 so it’s not forwarded but opened) so I have duckdns:xxxxx and it’s green padlock all the way…