Easy way to make HA accessible remotely(without DDNS+PORT FORWARDING)

I see. This does not in anyway increase people’s trust so to speak.

Thanks, I read it and find SSL Interception works only when a CA certificate preinstalled. If a CA certificate can be installed just like fiddler, I think a lot of things can happen. So can I say Https is safe when client is not hacked?:slightly_smiling_face:

I found this services can’t be accessed last night?

That she needs to remember when outside to activate the VPN (press an icon on home page, the OPENVPN app) and only then open HASS (press another icon on home page).
When at home she should not connect through openvpn but directly with HASS.

Otherwise sooner or later have to deactivate the VPN on the phone because not all services works (by the way why is that, it happens also on my android phone).

I tried there is definitely A negative WAF

If you have a better solution I am all ears!

Get her phone to turn off the VPN when it connects to your home wifi.

EDIT: oh and vice versa too of course.

If it is an iOS device you can set it up to automatically activate VPN when accessing certain URLs. There is no need to do anything on the user side if set up correctly.

Ohh thats cool, I tried to find a link with instructions but could not find it. You know if its possible also with Android?

EDIT: Found this solution for anyone interested, basically you change the ovpn file, so this solution will work both android and ios


1 Like


Being secure from hackers is one thing.

The other thing, I’m looking at is, how to stop people with whom we share the site do not fiddle around by switching on or off things for the heck of it which could be an irritant for others in the house.

As such I was thinking if there are 3 level of users or roles buitl-in that would help avoid this issue.
Level 1 - Read Only / Display Only access basically to share the info, we want to share [limited pages and not all tabs]. Possibly for an alert etc.
Level -2 - Access to operate but not all components - selective.
Level -3 - Full access like an administrator.

Has anyone thought about it from this angle and done something already…?
Will be glad to know.

There are now two levels of user, but I am not sure how fine grained the permissions are.

You bet, https://github.com/home-assistant/architecture/issues/67

Yes, the Goals are exactly what I was thinking. Hats off to people who could make it happen.

How would you do that?

Tasker I suppose.

do you any link which explains (preferably in “simple” way) how all thjis works? Me after 2 years of use still do not get it all

If I cannot understand how to setup DDNS and port forwarding, maybe HA is not for me. Everything about HA is self learning and following guides from forum and documentation. If I cannot pass the first hurdle, most probably I will be better off with cloud based solutions such as Xiaomi, Alexa or Google Home.


Agree, except some Internet providers may not even give you options like port forwarding. This is obviously easily fixed, if you live in a place with lots of providers to choose from… Not my case!

Hi all,

After I installed required files and setting appropriate configuration.yaml, my HA does not display the new card, as per below:

How to solve this issue?


port forwarding is controlled on your router. Yes your ISP will most probably give you a bargain basement one that does not do these sorts of things, but if you are serious, you would have probably upgraded this to something with a little more flexibility… maybe even with IPS nad firewall etc…

1 Like

Thanks for your help. If you know what such plan is available in Indonesia, do let me know…

If you’re using hass.io then use the Zero Tier One addon for remote access for free with no port forwarding or Nabu Casa with no port forwarding and a $5/month fee.

1 Like