DuckDNS wont work outside of network

Is it a new IP address internally?

It is on a new internal ip, yes but i have changed the connection to the new ip in the port settings.

Hi @dudester
Dodo is a Vocus company and they generally don’t do CGNAT or port blocking for DSL customers. The issue will most likely be on your end. It looks like you have configured everything on your modem router correctly.

What IP address shows when you ping philwashere.duckdns.org internally?
Go to whatismyip.akamai.com and make sure the ip matches.

I would recommend that you modify your previous comments to hide some of the information.

OK, thanks for the tip have removed the images.
Within network PING returns same ip as whatismyip lookup.
Outside of network the same PING says name not found…?

Its as if duckdns is not forwarding…?

Duckdns simply updates a public DNS record. When you browse to philwashere.duckdns.org it is really going to the IP address that comes from that DNS record.

If you use your mobile phone (disconnect from your wireless) and go to the ip address shown by whatismyip.akamai.com in a browser with port :8123 does it load?

No, will not load that way internally or externally

What ports is your router listening on? It might be that the web UI of your router is listening on 443 on your external connection.

I would try forward port 8123 to 8123 and then try to connect to ip:8123 externally. I think you had 443 redirecting to 8123 in the end.

Removed the 443 to 8123
Added back 8123 to 8123

Still cant connect going home-isp-ip:8123

and it definitely works going to the internal IP of your HA server on port 8123?

I can’t connect to anything now after removing the 443-8123

Note
After setting up duckdns I never could go direct to the internal IP anymore, it was the duckdns full Https URL which worked internally.

You will need to remove the base_url from your configuration while testing.

you can use the HTTPS://IP.ADDRESS:8123 locally. You will get a warning but it will work

1 Like

Yes, that does work actually once I go through advanced and continue anyway.

What about the site name that is specified in DuckDNS settings ? Wont that be a factor when testing on different addresses?

Any other way to resolve this issue?

A certificate is only given to “hostnames”. yourname.duckdns.org is an example. An IP address does not have a certificate associated with it.

LOCAL access may require your local IP if something changed in your modem/router

Is there any other way to do this?

your base_url is being defined as http, yet you are using https…

I was originally focusing on getting the http version working first but have since switched everything to https, still has the same issue.
I can access it internally but not externally.

When you set the SSL certificate in the config yaml, your HA is ONLY available via https…

Have you verified the port is open from an external source?

My config.yaml currently has:

http:
base_url: https://philwashere.duckdns.org
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem

What is the best way to do that?

Scan it with this: https://www.grc.com/default.htm

Select, Shields Up / Proceed / Common Ports (silver menu below the big orange button) - if you are using port 443. Otherwise fill in port 8123 in the text box.

You can do it from your PC. Does not have to be from HA as we are testing your router’s ports.