Please I need help. Until the other day, I used vdsl, everything was set according to the instructions and it worked perfectly. More precisely, I mean duckdns, fixing ip, port forwarding, etc. However, now I’ve switched to optical internet, but I’m behind cgnat. Even after fixing the IP and porting, I can’t access the app. As far as I understand, my ISP offers ipv6, so can I use that to set my HASS to still work outside the local network for free and without a VPN?
To use IPv6 you need to know how the ISP provides it to your router.
Is it DHCP-PD?
Is it NAT6 of some kind?
Or is it another method?
An alternative could be to continue with IPv4 over a tunnel, like NabuCasa or Cloudflared.
This is essential a portforward, but with a VPN to an external server. The VPN part is just fully handled by the software, so no worries in the management of it.
NabuCasa have a subscription.
I do not know if Cloudflared is free or cost money.
2 Likes
Yeah CGNAT is a problem. I don’t think anyone has written a definitive community guide, but simply google “home assistant cgnat” and you’ll get lots of hits:
and
1 Like
I gave up on ipv6.
By the 7th minute, everything is set up and working. After that, he talk about the domain.
I have a NUC device, only HASS is installed on it.
My provider put me behind cgnat, so I had to switch to tailscale.
As per the tutorial, until the 7th minute, I set up Tailscale on both the HA (Nuc) and the mobile device.
Now, if I want to use HASS on a mobile phone outside the home internet, I have to turn on tailscale on the mobile phone, otherwise HASS does not work for me.
How can I set the HASS application on my mobile device to work without the tailscale application running?
You might be able to use a Cloudflared tunnel, but VPN is better in my opinion, because you get another layer of security and authentication.
1 Like
I’ve not used Tailscale, but watching the video, he is able to connect to his Homeassistant through Tailscale whether he is in the home or outside the home by using a Tailscale generated URL. So I think all you need to do is configure you HA Companion App to use the Tailscale generated URL and you can use it both inside and outside the home without having to do any kind of switching or using the Tailscale app.
2 Likes
That is how it should work.
1 Like
when you are connected to the Internet outside the house, do you have to turn on the Tailscale application on your mobile device in order to use the HASS application?
second question:
now i use tailscale+hass (no cloudflare tunnel)
what will I get if I also use clodflare tunnel (hass+tailscale+cloudflare tunnel)?
I do not use tailscale,but swanVPN.
The setup works the same though.
When I am outside my home, the. i have to turn on my VPN for HA to connect.
SeanVPN have a application option, which means I can choose which applications use the VPN clie t and then the other applications works as normal.
With a VPN client with just full VPN all application will send their data over the VPN home to you HA network and from there out in the world, which can cost a bit extra on the home internet connection if it is an usage based subscription and a little on the battery life on the mobile due to the extra encryption layer.
With the application option it is possible to only send HA traffic through the VPN connection, which limits the two downsides above.
I often just keep my VPN connection running, because it has the application option.
Tailscale might have it too.
There is no need to use Cloudflared tunnel when using a VPN connection.
Cloudflared tunnels is a replacement for portforwards on CGNAT connections, because normal portforwards do not work.
A CGNAT is actuqlly an extra router between you and the internet which needs to have a portforwards set up for the normal portforwards to work, but that router is controlled by the ISP and they do not want to allow a portforward on it without taking an extra monthly fee for it.
1 Like
I think you should be able to use the Tailscale URL in your HA Companion App to reach your HA server at home, and this should NOT require you to use the Tailscale App.
You need the tailscale app to make the connection to the tailscale server.
You might be able to set up the VPN directly in your mobile device, but it will still need to be activated before connection can occur.
Tailscale is very easy to use. Basically you just install the app on every device you want connect to, login to your account then click connect. Essentially you are creating your own virtual private network and any device that you connect to that network can communicate with each other. This is why you have to install the app on every device that you want to communicate with.*
One of my favorite features about tailscale is the subnet router mode. This allows you to access any device that your tailscale machine can access even if they don’t have an internet connection. For example my home assistant instance has internet access and a local IP of 192.168.10.20 and my security camera does not have internet access but has a local IP of 192.168.10.21. Because I have the subnet router mode enabled I can access the camera from its local IP address of 192.168.10.21 over the internet. This is great because I can install tailscale on one device in the network and access to everything else.
Also setting up ipv6 was extremely easy. I just enabled pass through mode and all of my devices got assigned a public ipv6 address.
1 Like