HI Friends.
I followed all the steps of this page
https://www.juanmtech.com/home-assistant-remote-access/
The certificates were created and i can check them.
And the configuration.yaml
http:
base_url: xxxx.duckdns.org
ssl_certificate: '/etc/letsencrypt/live/xxxx.duckdns.org/fullchain.pem'
ssl_key: '/etc/letsencrypt/live/xxxxx.duckdns.org/privkey.pem'
But the page does not respond
telnet xxxx.duckdns.org 443 not respond
Woooo back up. Why would you forward every port between 443 and 8123 to home assistant? Bad bad practice.
You only need to forward one port (8123), and you also need to specify the port number in your config, like
base_url: xxxx.duckdns.org:**portnumber**lol.
The problem is that I do not understand the modem.
It says start port and end.port.
I thought I was opening ports 443 through 8123.
If so, I do not know how to do NAT in this modem
LOL. Now I can not access the raspberry. I had the password by default
That’s exactly what you were doing. Opening EVERY port from 443 to 8123…
Why would you do that?
because nothing worked and I ended up opening all the ports to be sure.
This is how people get hacked…
Thanks for the help
In this page https://www.juanmtech.com/home-assistant-remote-access/ say
## **Step 4 – Edit the configuration.yaml file and test the connection**
Ok, so the certificate is now created. If you had to use port 443 instead of port 80 for the **ha_lets_encrypt** port forwarding rule, you should delete it now. If you used port 80, then you can leave it as it is. Then, create a new port forwarding rule using the following information:
* Service name: ha_ssl
* Port Range: 443
* Local IP: Your_Home_Assistant_IP
* Local Port: 8123
* Protocol: Both
How do I do this on this router because this does not do a nat from port 443 to 8123. What it does is open that range
my configuration.yaml
http:
# Secrets are defined in the file secrets.yaml
api_password: !secret http_password
# Uncomment this if you are using SSL/TLS, running in Docker container, etc.
ssl_certificate: /etc/letsencrypt/live/x.duckdns.org/fullchain.pem
ssl_key: /etc/letsencrypt/live/x.duckdns.org/privkey.pem
base_url: x.duckdns.org:8123
Thanks
Why do you want to use 443?
I have problems authenticating spotify. From what I read my connection should be https
As it configures everything, I can not get it to connect by this protocol
With regard to port 443 I base myself on the tutorial that can
Use port 8123
Excellent There it worked with port 8123.
Thank you
In that example you gave, it most certainly only opens ONE port. 443. In YOUR router you would need to open port range 443 to 443 (one port in the range) and forward that to 8123, assuming you want to use 443 instead of 8123. The problem here is a lack of understanding your router’s capabilities, something you need to spend a few minutes learning.
Thank you friend
Hi. I still have some problems.
I can not forward from port 443 to 8123, so configure x.duckdsn.org:8123.
Now I find a problem. Inside my house I can not access by the name of dns, I have to do it with the ip number 192.168.0.2:8123.
This means that when I want to enter it does not allow me to do it as a safe connection.
And when I want to install the IOS app it does not allow me to put a local address.
What am I doing wrong? Thank you
This means your router doesn’t support hairpin Nat. Figure out how to hairpin Nat and it will work.
Or set up your internal dns server to resolve x.duckdns.org to your internal ip address of the hass machine.
@flamingm0e @nickrout
my router does not allow nat to an internal port. In that case, they mean that I have another method to do it? Excuse me but I do not speak English and it is difficult to interpret the technical. Thank you