Express VPN DuckDNS Internal and External Access Help

hartman9 · January 2, 2020, 2:28pm

After trying for three days I am finally going to cry “Uncle”. I had my setup working with access internally and externally through xxxx.duckdns.org before I installed Express VPN on my router to secure my network.

Now I only get partial access (works on the desktop but not on the iPhone through xxxx.duckdns.org, I think because I have my windows hosts file forwarding to my HA ip) internally and no access externally. Works internally all the time through the direct HA ip on all devices.

I’ve tried forwarding the ports through Express VPN (8123, 80) as I had before I installed the VPN. I have the Dynamic DNS service setup through Express VPN to point to my DuckDNS ip. But nothing works

Setup
LAN-to-LAN everything on the same subnet
Modem -> Express VPN Router (WiFi) ASUS AC68U -> TP-Link R600VPN Router (this is where HA is served)

HASSIO
Home Assistant 0.103.5

Networking Related Add-ons
Duck DNS
Nginx Proxy Manager
Dnsmasq

Configuration Files

configuration.yaml

http:
  base_url: https://xxxx.duckdns.org

DuckDNS

{
  "lets_encrypt": {
    "accept_terms": true,
    "certfile": "fullchain.pem",
    "keyfile": "privkey.pem"
  },
  "token": "xxxxxxxxxx",
  "domains": [
    "xxxxxx.duckdns.org"
  ],
  "seconds": 300
}

Nginx Proxy Manager

Dnsmasq

{
  "defaults": [
    "8.8.8.8",
    "8.8.4.4"
  ],
  "forwards": [],
  "hosts": [
    {
      "host": "xxxx.duckdns.org",
      "ip": "192.168.x.xxx"
    }
  ]
}

Things I’ve Tried So Far…
Turning on and off all networking add-ons
Port Forwarding as mentioned above
Turning on and off the VPN
Adding port number to end of URL

My goal would to be able to have everything as it was before the VPN but with the VPN in place.
Exteranl and internal access through my duckdns.org URL. Thank you for any help and insight you can provide.

hartman9 · January 3, 2020, 8:40pm

Here’s an update. I now have it half working and could use some help.

Home Assistant can be reached internally and externally now without SSL via http:. Any suggestions on how to get SSL working through the VPN? The catch is I can’t forward port 443 as every time I try it kills my network.

hartman9 · January 4, 2020, 3:18pm

One additional thing I forgot to mention. I am still using DuckDNS but now it is through Express VPN and not Hass IO. Should I now be setting up Let’s Encrypt separately to have SSL access?

cjm81 · May 12, 2022, 4:46pm

@hartman9 Hi! Did you finish completing the setup using ExpressVPN and DuckDNS? I’m looking at this implementation at the moment (running ExpressVPN on my router). Thanks!

hartman9 · May 12, 2022, 5:39pm

Yes, I had the setup running for two years or so. I have recently gone to running the Tailscale VPN add-on as it seems to be more secure than having a public domain out there. Below is what I believe my setup was, if I am forgetting something forgive me.

Run DuckDNS on the ExpressVPN router under Advanced Settings → Dynamic DNS
Forward appropriate port, I believe I only had to do 443 to 8123 and point it the HA IP
Run Nginx Proxy Manager in Home Assistant to manager your SSL