Is it possible to connect esp8266 located in any network (connected to internet) to home assistant? Please, help with example or direction to go.
Nope it’s specifically designed to be used only on LAN and LAN communications. ESP is not designed to be connected at Internet straight !
I think this might be possible, see links below:
You probably need to open ports in the firewall of your router, but it should be possible.
ESPHome runs a full TCP/IP stack, so no block there.
Auto discovery might not work, but manually putting in the IP when setting up the integration should be good enough.
Best to use a vpn.
I so agree with nickrout!
ESP devices usually have very limited resources, both in CPU, RAM and storage, so shortcuts have to made here and there. The device might never be hardened enough for open internet access.
Also remember that esphome is the server for API comms, so the connection is made from home assistant to the esp. This means that it is at the esp end that you’d have to punch a hole in a firewall on port 6053.
I have ESPhome devices running on a 4g router with a vpn to the main site. Essentially same network but different subnets.
Why does everyone want to make it hard? Use MQTT and connect your nodes and Home Assistant to a public broker.
At some stage you will expose something to the baddies, whether by using a public broker, or opening a vpn.
The fear of IOT as a vector for bad operators is way overblown. Can anyone point to a verified report of this ever happening? I don’t mean a kiddie prank where a hacker set your heat to 98°F, but any verified network penetration.
But this got me to thinking- because I do have a need for WAN access to my broker. What if I were to put my MQTT broker on DuckDuckGo?
I agree. How is MQTT over SSL/TLS any worse than a browser using https?
The main problem would be with bad actors gaining access to your data on the network you don’t control, in the broker space.
Easier than deploying a MQTT server in the WWW might be just to call a webhook via nabucasa from the remote esphome node.
Various topics and snippets about this exist in the forum here.
Ether way (MQTT or webhook) the esphome node is able to communicate with HA but all the lovely management features will not be available that way.
Using a site-2-site VPN (like wireguard or tailscale which can directly run on routers) will give full control and allow use of the native api and all other goodies.