So I have not been able to figure this one out. I set up just plain ole port forwarding from port 80 to port 8123 and same result. Part of what makes this difficult is that all of my traffic goes over VPN. HA takes so friggin’ long to reboot that it is a pretty time-consuming process trying to segment where the problem could be. You have to make the configuration changes, stop/restart HA, over and over. I’d like to figure it out but with the obvious possibilities not producing any results I am reluctant to continue trying to isolate. I will eventually move all this over to a server with a bit more horsepower than the Pi and I don’t access HA from the outside enough, yet, to justify figuring it out.
There have been no obvious changes or anything in the setup, which makes things even a bit more difficult. So if I figure this out it will have to be when I have a bit more time to do so.
OH! I didn’t know you are using a VPN. If you’re on VPN, you don’t need SSL because it is already secured by the VPN. Also, assuming HA is running on port 8123 (default) without https, you should be able to access your HA by going to http://xxx.xxx.xxx.xxx:8123 (x is the internal ip address of your pi). https isn’t needed if running on VPN and port forwarding isn’t needed if running on VPN. If you’re on VPN, your site isn’t accessible from the outside of your network hence why the other person you had try, couldn’t. They would need to be on your VPN to access it. You would also need to have your VPN enabled while on mobile to access HA.
Edit: If you’re using a hosted VPN service, your DuckDNS URL needs to point to the VPN’s external IP and not your home’s external IP.
I used the DuckDNS and Let’s Encrypt SSL for the external access and have successfully done so. I understand it is not needed when I am internal to the network. I just can’t figure out why, all of a sudden, it quit working. Well, accessing from the outside, that is.
I don’t know why I’m unable to log in to my HA from work (I have no problem from mobile or other PCs). I can see the login page but after clicking on LOG IN I receive (after a few seconds) the message “unable to connect”.
Maybe there is some specific port that can be blocked by my company firewall?
It may be that any ports besides 443 and 80 are blocked by your employer - standard practice in most enterprises to explicitly allow only http: and https: traffic and block any ports specified in the URL.
The best thing to do would be to ask your IT department, really. They are the ones who would know for sure; I can only guess based on my own experiences in the past with working at client sites.
It would seem to me that if you’re getting the login page, traffic is making it from your work to your server. Otherwise I would think you would just get page cannot be displayed or something similar. I’m not a network guy, but I believe any traffic generated inside the firewall that is allowed to leave should be allowed back in. Note: That is just a general overview based on my limited knowledge.
I’m also not exactly sure how port forwarding changes information in the packets. Again it would appear to me that 443 is allowed out from your work, but once that info is forwarded to 8123 at your router and then sent back, does it come back on port 443 or 8123?
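The question above about which port a forwarded reply comes back on, as an added example that is not part of the original thread: a toy Python model of a home router's port forward (destination NAT) with connection tracking. All IP addresses, the 443-to-8123 rule, and the class and function names are constructed for illustration.

```python
# Added illustration: toy model of port forwarding (DNAT) with connection
# tracking. All addresses are constructed documentation values.
from typing import NamedTuple

class Packet(NamedTuple):
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class Router:
    def __init__(self, wan_ip, forwards):
        self.wan_ip = wan_ip
        self.forwards = forwards   # {wan_port: (lan_ip, lan_port)}
        self.conntrack = {}        # (client_ip, client_port, lan_ip, lan_port) -> wan_port

    def inbound(self, pkt):
        """WAN -> LAN: rewrite the destination and remember the original port."""
        if pkt.dst_ip != self.wan_ip or pkt.dst_port not in self.forwards:
            return None            # no forward rule for this port: dropped
        lan_ip, lan_port = self.forwards[pkt.dst_port]
        self.conntrack[(pkt.src_ip, pkt.src_port, lan_ip, lan_port)] = pkt.dst_port
        return pkt._replace(dst_ip=lan_ip, dst_port=lan_port)

    def outbound(self, pkt):
        """LAN -> WAN reply: restore the address and port the client dialled."""
        key = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        wan_port = self.conntrack.get(key)
        if wan_port is None:
            return None            # not a reply to a tracked forward (not modelled here)
        return pkt._replace(src_ip=self.wan_ip, src_port=wan_port)

def round_trip(router, client_ip, client_port, wan_port):
    """Return (packet as HA receives it, reply as the client's network sees it)."""
    request = Packet(client_ip, client_port, router.wan_ip, wan_port)
    at_ha = router.inbound(request)
    if at_ha is None:
        return None, None
    reply = Packet(at_ha.dst_ip, at_ha.dst_port, at_ha.src_ip, at_ha.src_port)
    return at_ha, router.outbound(reply)

# Constructed setup: WAN port 443 forwarded to HA on 192.168.1.10:8123.
ROUTER = Router("198.51.100.7", {443: ("192.168.1.10", 8123)})

if __name__ == "__main__":
    at_ha, reply = round_trip(ROUTER, "203.0.113.5", 51000, 443)
    print("HA receives:      ", at_ha)
    print("Work network sees:", reply)
```

In this model the reply leaves the router with source port 443, so the remote network only ever sees the port it dialled; 8123 exists only on the LAN side of the router.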
I have the same issue as Jokerigno. I connect from outside, and can see the login screen, then write the password and seconds later… “Unable to connect”