External access down No more access via mobile app or website

Hello,

I recently no longer have access to my home assistant from outside.
Everything is ok locally.
I also get a kind of Home Assistant login window which only shows an error.

Maybe I changed something somewhere. What is the best way to track down the error?

No auth providers returned. Unable to finish login. https://ha.mydomainname.de/?auth_callback=1

What device are you trying to use from outside (mobile phone, computer)?

Do you use https://www.nabucasa.com/ ? If yes, can you login from outside and access your Home Assistant through Nabucasa?

Well, if you want help from someone here you should give a lot more details. How do you access HA externally?

i try it over my lokal PC but my external domain ha.mydomain.com and i try it with the mobile phone app… both not work

no i not use nabucasa… i use only normaly the mobile-system mobile app but for testing also my domain name…bevore works both fine… and stopped since somme weeks or maybe 4 month ago

normal with my HA-mobile app on my smart-phone
and that works before but now not get access more

after i get this connect-error… i try it the webside from my local computer
then I noticed that this didn’t work either

Then you would need to check your setup. Somewhere you have pointed your domain name to your external IP, are you sure the IP is still the same? You have also set up something (ports, a reverse proxy maybe?) to enable access externally. We do not know how your setup is unless you explain it.

yes thats the way maybe… maybe they changed the IP and i not get or read the information… where i can check the linked IP-Adresse from Home-Assistant?

i have a provider for my domain. and my fritzbox is the router and works also before… i get the lokal-webside , but with an error

Use a service like whatismyip.com from a device on the same network as HA. Then you can do a ping against the domain name and see what reply it gives you and compare the two.

1 Like

i check now my provider… i have the a Dyndns entry

[type or paste code here](http://myadomainddnss.de)

maybe this ddnss change it any

sorry maybe i missunderstood

i try it whatsmyip… i get 87.xx.xxx…
if i use my CMD on my lokal PC and ping mydomain.com i get
89.xxx.xxx
if i ping
ping ha.maydomain.de
zhen i get some IPv6 but i don’t know what is that … maybe is a lokal routing in my local network

is that possible maybe is any changed in cloudflare… sorry i forget totaly what i configure ther llast time for external access over webside and mobile app

her is a cut from my cloudeflare protocol

2024-03-22T12:57:27Z INF ICMP proxy will use 172.30.xx.8 as source for IPv4
2024-03-22T12:57:27Z INF ICMP proxy will use :: as source for IPv6
2024-03-22T12:57:27Z INF Starting metrics server on [::]:36500/metrics
2024-03-22T12:57:28Z INF Registered tunnel connection connIndex=0 connection=cfb841f8-6e80-4e95-bac4-f138cf12638f event=0 ip=198.41.xxx.43 location=fra12 protocol=quic
2024-03-22T12:57:29Z INF Registered tunnel connection connIndex=1 connection=2ca77573-9a80-4706-9cf0-5babfd53877b event=0 ip=198.41.192.27 location=muc01 protocol=quic
2024-03-22T12:57:29Z INF Registered tunnel connection connIndex=2 connection=2dc29cff-4e6e-479e-9a83-3e375b6280a3 event=0 ip=198.41.192.7 location=muc01 protocol=quic
2024-03-22T12:57:31Z INF Registered tunnel connection connIndex=3 connection=801fc4f6-ce32-4ff1-a1db-fc029d8686e2 event=0 ip=198.41.xxx.23 location=fra13 protocol=quic
2024-03-22T12:57:32Z INF Updated to new configuration config="{\"ingress\":[{\"hostname\":\"ha.mydomain.de\", \"service\":\"http://homeassistant:8123\"}, {\"service\":\"http_status:404\"}], \"warp-routing\":{\"enabled\":false}}" version=1
2024-03-23T01:28:37Z INF Unregistered tunnel connection connIndex=2 event=0 ip=198.41.192.7
2024-03-23T01:28:37Z WRN Failed to serve quic connection error="timeout: no recent network activity" connIndex=2 event=0 ip=198.41.192.7
2024-03-23T01:28:37Z WRN Serve tunnel error error="timeout: no recent network activity" connIndex=2 event=0 ip=198.41.192.7
2024-03-23T01:28:37Z INF Retrying connection in up to 1s connIndex=2 event=0 ip=198.41.192.7
2024-03-23T01:28:37Z INF Unregistered tunnel connection connIndex=3 event=0 ip=198.41.200.23
2024-03-23T01:28:37Z WRN Failed to serve quic connection error="timeout: no recent network activity" connIndex=3 event=0 ip=198.41.xxx.23
2024-03-23T01:28:37Z WRN Serve tunnel error error="timeout: no recent network activity" connIndex=3 event=0 ip=198.41.xxx.23
2024-03-23T01:28:37Z INF Retrying connection in up to 1s connIndex=3 event=0 ip=198.41.xxx.23
2024-03-23T01:28:37Z WRN Connection terminated error="timeout: no recent network activity" connIndex=3
2024-03-23T01:28:38Z INF Unregistered tunnel connection connIndex=0 event=0 ip=198.41.xxx.4

i restart now clodflare but i think thats looks all ok…

024-03-25T10:38:00Z INF Starting tunnel tunnelID=d43c2e9a-fdee-47cc-adf6-8868a1818e53
2024-03-25T10:38:00Z INF Version 2024.3.0
2024-03-25T10:38:00Z INF GOOS: linux, GOVersion: go1.21.5, GoArch: arm64
2024-03-25T10:38:00Z INF Settings: map[metrics:0.0.0.0:36500 no-autoupdate:true token:*****]
2024-03-25T10:38:00Z INF Generated Connector ID: 9e778c6d-6dc2-476d-a304-832a2931de43
2024-03-25T10:38:00Z INF Initial protocol quic
2024-03-25T10:38:00Z INF ICMP proxy will use 172.30.33.8 as source for IPv4
2024-03-25T10:38:00Z INF ICMP proxy will use :: as source for IPv6
2024-03-25T10:38:00Z INF Starting metrics server on [::]:36500/metrics
2024-03-25T10:38:01Z INF Registered tunnel connection connIndex=0 connection=99860bd3-ae88-4f18-bb03-1ac34f5cafbf event=0 ip=198.41.200.13 location=fra06 protocol=quic
2024-03-25T10:38:01Z INF Registered tunnel connection connIndex=1 connection=b1d53410-1a1f-497c-8e59-ef7c2c81d827 event=0 ip=198.41.192.57 location=muc01 protocol=quic
2024-03-25T10:38:02Z INF Registered tunnel connection connIndex=2 connection=84fa8a13-a091-4e43-9a4f-c69de14daf17 event=0 ip=198.41.200.73 location=fra07 protocol=quic
2024-03-25T10:38:03Z INF Registered tunnel connection connIndex=3 connection=42f6db76-e3b8-45de-80c9-14e942b827fd event=0 ip=198.41.192.37 location=muc01 protocol=quic
2024-03-25T10:38:04Z INF Updated to new configuration config="{\"ingress\":[{\"hostname\":\"ha.i_have_mydomain.de\", \"service\":\"http://homeassistant:8123\"}, {\"service\":\"http_status:404\"}], \"warp-routing\":{\"enabled\":false}}" version=1

what can be happen too?

maybe i see the problem.

if i ping a wrong ip-adress… i get that answere from this ip

Ping wird ausgefĂĽhrt fĂĽr mygrobot.com [89.31.143.90] mit 32 Bytes Daten:
Antwort von 89.31.143.90: Bytes=32 Zeit=32ms TTL=55
Antwort von 89.31.143.90: Bytes=32 Zeit=27ms TTL=55
Antwort von 89.31.143.90: Bytes=32 Zeit=17ms TTL=55
Antwort von 89.31.143.90: Bytes=32 Zeit=20ms TTL=55

if i watch my cloudflare DNS-configuration on the cloudflare-webside then i see

[type or paste code here](http://mydomainde)  89.31.143.1

Mit Proxy

Auto

if this possible my ip-adresse changed from 1 to 90 ?

sorry, i see thats 89.31.143.1 is the ip from my domain-provider… and the 90 i think too

in my homassistant.log i get this errors…

homeassistant.auth.InvalidProvider: Auth provider homeassistant, None not available
2024-03-25 14:00:10.998 WARNING (MainThread) [homeassistant.components.websocket_api.http.connection] [546830806848] from 2003:ea:971f:b700:5893:6b60:144:f948 (Home Assistant/2024.1.5-12102 (Android 14; SM-G990B)): Disconnected: Did not receive auth message within 10 seconds
2024-03-25 14:13:55.889 ERROR (MainThread) [aiohttp.server] Error handling request
Traceback (most recent call last):
  File "/usr/local/lib/python3.12/site-packages/aiohttp/web_protocol.py", line 452, in _handle_request
    resp = await request_handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/site-packages/aiohttp/web_app.py", line 543, in _handle
    resp = await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/site-packages/aiohttp/web_middlewares.py", line 114, in impl
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/security_filter.py", line 91, in security_filter_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/forwarded.py", line 227, in forwarded_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/request_context.py", line 25, in request_context_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/auth.py", line 235, in auth_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/headers.py", line 31, in headers_middleware
    response = await handler(request)
               ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/helpers/http.py", line 68, in handle
    result = await handler(request, **request.match_info)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/ban.py", line 94, in handle_req
    resp = await func(view, request, *args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/auth/__init__.py", line 264, in post
    return await self._async_handle_refresh_token(hass, data, request.remote)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/auth/__init__.py", line 381, in _async_handle_refresh_token
    access_token = hass.auth.async_create_access_token(
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/auth/__init__.py", line 569, in async_create_access_token
    self.async_validate_refresh_token(refresh_token, remote_ip)
  File "/usr/src/homeassistant/homeassistant/auth/__init__.py", line 616, in async_validate_refresh_token
    if provider := self._async_resolve_provider(refresh_token):
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/auth/__init__.py", line 602, in _async_resolve_provider
    raise InvalidProvider(
homeassistant.auth.InvalidProvider: Auth provider homeassistant, None not available
2024-03-25 14:14:06.118 WARNING (MainThread) [homeassistant.components.websocket_api.http.connection] [546741194048] from 2003:ea:971f:b700:5893:6b60:144:f948 (Home Assistant/2024.1.5-12102 (Android 14; SM-G990B)): Disconnected: Did not receive auth message within 10 seconds

my configuration.yaml

homeassistant:
  auth_providers:
   - type: trusted_networks
     trusted_networks:
       - 192.168.2.0/24
       - 192.168.1.0/24
       - ff00::/8
  name: thatsmyname
  latitude: 49.460983
  longitude: 11.061859
  elevation: 430
  unit_system: metric
  currency: EUR
  country: DE
  time_zone: "Europe/Berlin"
  external_url: "https://www.thatsmydomain.com"
  internal_url: "http://homeassistant.local:8123"
  allowlist_external_dirs:
    - "/config/tmp"
    - "/config/tmp/Cameras/snapshots/reolink_E1_Zoom"
    - "/config/www/cards"
    - "/config/www"

thats http-section in configuration.yaml

http:
  cors_allowed_origins:
    - https://google.com
    - https://www.home-assistant.io
  ip_ban_enabled: false 
  login_attempts_threshold: 5
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24